In March 2019, the Indonesian e-commerce website Bukalapak discovered a data breach of the organisation’s backups dating back to October 2017. The incident exposed approximately 13 million unique email addresses alongside IP addresses, names and passwords stored as bcrypt and salted SHA-512 hashes.

Domain Entries Date Breached Hashing Privacy acknowledged?
https://bukalapak.com 13,369,666 2017-10-23 bcrypt, SHA-512 Public No

Information leaked

Email addresses, IP addresses, Names, Passwords, Usernames

Notice any errors/mistakes in this breach entry? Please contact us and we will fix it ASAP. We strive to be the best and most accurate, so your contribution(s) will be greatly appreciated.