top of page

Tokopedia hacked – Login details of 91 million users sold on dark web

The Indonesian e-commerce giant has over 90 million users.

Another day, another data breach – This time hackers have targeted Tokopedia and as a result, personal and login credentials of 91 million users are being sold on a dark web marketplace for $5000.

Tokopedia is an Indonesian technology company specializing in e-commerce. Founded in 2006; the company has become a giant with more than 91 million registered users/customers and over 7 million merchants.

However, the bad news for Tokopedia users is that apparently, the company has suffered a massive breach and personal data of users is at risk. This data includes:

Gender Location Username Full name Email address Phone numbers Hashed password

Although yet unconfirmed; it seems like the database does not contain payment card data of users or merchants.

Screenshot from the dark web marketplace where Tokopedia’s data is being sold (Image credit:

The data breach monitoring firm Under the Breach who is familiar with the incident has confirmed to that the database being traded online contains authentic data belonging to Tokopedia and includes data till March 2020. We have also seen the sample data and can confirm that Tokopedia has indeed suffered a breach.

Preview of sample data is available below:

Sample data has also sent emails to some of the victims who have confirmed that they are registered users on Tokopedia for several years. 

The aftermath of this breach will be long-lasting especially on customers and merchants who will now suffer series of email scams as previously seem where cybercriminals used the victim’s real password from data breaches to carry out extortion and identity theft-related scams.

Nevertheless, if you have an account with Tokopedia, advises you to change it immediately. Moreover, also change the password for your login email and keep an eye on any malicious activity on your account.

Update: 03 May 2020, 20:06 (GMT) can now confirm that the hacker has sold Topopedia’s database to at least 2 buyers. One of the buyers has also left positive feedback verifying that the data is authentic. Here is an exclusive screenshot showing sale and feedback:

However, we have also learned that the same hacker has now uploaded 4 new databases offering millions of login credentials. These databases include:


An e-learning platform based in India that claims to be the country’s “largest learning platform.” Currently, the hacker is selling login credentials of 20 million Unacademy users for $2,000.


Chatbooks is a mobile app that creates photo books using your digital photos. Currently, the hacker is claiming selling login credentials of 15 million users for $2,000.

The Daily Chronicle

The same hacker is also claiming to sell 3 million accounts from The Daily Chronicle, an online news website covering local news in DeKalb County, Illinois. It is quite possible that the hacker breached the site and stole details of its subscribers. Currently, the data is being sold for $1,500.

Knock CRM

Knock is a Seattle based lead management and communication platform and apparently it has suffered a data breach as well. Currently, the hacker is claiming selling login credentials of 15 million users for $1,200.


We have sent emails to all the above-mentioned companies for their response. Stay tuned.



bottom of page