Back to Radar
BU

Bukalapak

High

The 2017 Bukalapak breach exposed 13M user records including hashed passwords.

Records exposed
13,369,666 records
Breach date
Breach Oct 23, 2017
Last update
Updated Apr 18, 2019
Source

What data was exposed?

Fields reported as compromised in this breach record.

Email addressesIP addressesNamesPasswordsUsernames

Why does this breach matter?

In-depth analysis of the breach and its implications.

The Bukalapak data breach involved the unauthorized access of backup data from October 2017, which was later discovered and publicly disclosed in March 2019. The records of over 13 million users were affected, featuring sensitive details such as email addresses, IP addresses, names, passwords encrypted with bcrypt and salted SHA-512 hashes, and usernames.

Impact Analysis

Understanding the scope and consequences of this breach.

User Impact
Exposed user data could lead to phishing attacks or password compromise.
Business Impact
Potential trust and reputation damage for Bukalapak; regulators involvement.
Affected Sectors
  • E-commerce
Geographic Impact
  • Global
  • Primarily Indonesia

What You Should Do

Recommended actions to take in response to this breach.

If You Were Affected

  • Check if your account frequently uses the same email or username.
  • Reset your Bukalapak password if not done afterward.

Preventive Measures

  • Enable multifactor authentication on accounts.
  • Monitor suspicious login attempts using unique passwords for every site.

Frequently Asked Questions

Common questions about this breach and what it means for you.

Change your Bukalapak account password immediately and avoid reusing it elsewhere.

Attribution

Additional attribution provided with the breach record.

Maxime Thalet