The Privacy Diaries: How Indonesia could have prevented it’s largest e-commerce data leak
Tokopedia, Indonesia’s largest e commerce platform has become the latest victim of online hacks. With an estimated 15 million user accounts exposed, this has caused major concern in an already tense economic situation in the Asian nation. But could all of this have been prevented?
Founded in 2009, Tokopedia had become an essential service due to the current global pandemic. Plenty of Indonesians rely upon their services to deliver items they wouldn’t have access to otherwise.
Investigators claim the hack happened in March of this year, where hackers used social engineering tactics to send phishing emails to the company’s 4700 + employees. The investigation also found that consumer emails, names and password are now being sold on the dark web for $5000.
It seems that Tokopedia’s management didn’t take consumer’s data security as serious as they should have. A report by the Jakarta post found that plenty of its employees had access to the companies internal system. Tokopedia also used the services of third-party entities who had access to the company’s internal and sensitive system. Whether its incompetence or poor security structure, something needs to be done to prevent future damage.
The E commerce industry is an ever-growing industry especially with the current global pandemic. Companies like Shopify, who offer similar services can learn a lot from Tokopedia’s mistake. A blog post by security engineer Ayoub Fathi outlined how he was able to access the revenue and traffic data of thousands of stores due to Shopify’s flawed API.
Invest in Blockchain
Tokopedia, like many other E-commerce companies should look at the option of investing in a security system backed by blockchain technology. The decentralized nature of blockchain makes companies less susceptible to data hacks.
The middleware components of blockchain networks like Debrief could be exactly what needed to combat future hacks. Debrief allows other application to build a more robust security system that combats cyber-crimes.
Cyber hackers are becoming more sophisticated in their efforts, so it’s time for a new approach to stay ahead of the curve.
