Indonesian eCommerce site Bukalapak has confirmed a hacking attempt. The hacker who goes by the alias Gnosticplayers claimed that he had hacked into 13 million accounts. However, Bukalapak assured in a press release that confidential and important data such as user passwords and financial information “remain secure despite past attempt made on Bukalapak’s old and stale information”.

Head of Bukalapak corporate communication Intan Wibisono said, “As a leading technology company in Indonesia, we place security and privacy of our users as our utmost important priority and no misuse of information is ever tolerated.”

Facing continuous cybersecurity threats, Wibisono added that the company will continue to improve Bukalapak’s security system to prevent data breaches. However, users should be mindful when undertaking online activities. He recommended users to periodically change their passwords and activate Two-Factor authentication (2FA) feature offered in Bukalapak to add extra layers of protection.

“2FA is a feature that can prevent misuse of data or unauthorised login from unrecognised devices. Maintaining password confidentiality and following security guidelines are critical to have secure online activities,” said Wibisono.

Besides Bukalapak, the hacker also allegedly hacked into a Indonesian college and career platform Youthmanual with 1.12 million accounts.

Read more:

Bukalapak picks PHD Indonesia for offline media duties

ECommerce players in Indonesia share their tips to success

Bukalapak bolsters payment offering through DANA partnership