E-Commerce Firm ‘Lazada’ Breached by Hackers and User Data Accessed

  • Alibaba’s ‘Lazada’ subsidiary has had a data breach incident through its grocery handle, RedMart.
  • The incident affected 1.1 million customers from Singapore, who had their emails, phone numbers, and names exposed.
  • All account passwords have been reset, and users were logged out automatically.

‘Lazada,’ an e-commerce operator from Singapore, has announced a major data breach that resulted in the leak of 1.1 million account details. This includes user information like full names, phone numbers, email addresses, encrypted passwords, and partial credit card numbers. ‘Lazada’ is owned by Alibaba since 2016, and two years after the acquisition, they became the largest e-commerce entity in Southeast Asia, measuring over 50 million active shoppers annually.

Lazada assured the press that its IT team moved quickly to block access to the database, so the hackers couldn’t infiltrate deeper and gain access to more recent information. What was actually compromised is data that’s older than 18 months and concern its grocery arm ‘RedMart.’ Thus, if you have created a Lazada account more recently, chances are that you have not been affected by this incident.

For Lazada customers worrying about their data, the firm suggests that you reach out to an agent via the embedded chat system, which is available 24/7. Alternatively, you may call (02) 7795 8900 to address your concerns to the central customer care. Lazada clarified that all of the affected customers would receive a relevant email, so if you haven’t received anything, it means that your data is safe.

Singapore has a data protection commission, the PDPC, and they are known to be very strict with data breaches. Almost two weeks ago, PDPC refreshed its directions to the “security masters” for the reasonable security measures that must be taken to avoid data breach events. Lazada took the precautionary measure to log out all existing accounts and reset their passwords, while the presence of password encryption is also a positive element in this situation.

Naturally, there is going to be a large volume of spam and phishing attempts targeting the 1.1 million addresses that have been possibly leaked, so keep that in mind and treat these communications with care. Also, even if the database did not include the full credit card numbers and CVVs, you should monitor your bank account activity and report anything suspicious immediately.

REVIEW OVERVIEW

Recent Articles

Discovery+ to Launch on January 4th in US, Eyes 70 Million Subscribers

Discovery+ is the new streaming service in town, and it will launch in the US on January 4th.The platform will feature content...

How to Watch UFC Fight Night: Hermansson vs. Vettori Online – Fight Card, Start Time, Odds, Live Stream

This weekend, MMA fans have a big fight on their hands, as Hermansson is scheduled to face Vettori in the ring. The...

ADATA May Have Been up to Shenanigans – And It’s Not the Only One

SSD manufacturers are making part swaps on model revisions after the original reviews are out.This way, people think they’re getting a better...