Over 1M Lazada RedMart accounts sold online after data breach


Level 69
Content Creator
Malware Hunter
Aug 17, 2014
Singapore's largest online grocery store Lazada Redmart has suffered a data breach after 1.1 million user accounts were put up for sale on a hacker forum.
Lazada is a billion-dollar arm of Alibaba with over 8,000 employees globally. The database dump containing sensitive customer is priced at $1,500.

Hackers selling the illicit data dumps told BleepingComputer they had obtained Lazada's MongoDB-based data set with data from over 1.1 million RedMart accounts. The leaked dump contains RedMart customer accounts' email addresses, SHA-1 hashed passwords, first and last name, phone numbers, mailing addresses, billing addresses, partial credit card numbers, and expiration dates. [...]

On October 29th, Lazada sent out an email notification to impacted customers stating they had discovered the breach during "proactive monitoring" of their systems.
Read more below: