Indonesia's largest e-commerce platform Tokopedia on Saturday said that it was investigating an attempted hack, in which the details of millions of its users may have been leaked online.
"We found that there had been an attempt to steal data from Tokopedia users," a spokesman for the company said in a statement late Saturday.
"However, Tokopedia ensures that crucial information such as passwords remains successfully protected behind encryption."
"At this moment, we continue to investigate further into this matter and there is no additional information that we can share," the statement added.
Data breach monitoring firm Under the Breach published a Twitter post on Saturday showing screenshots from an unnamed individual who claimed he had acquired the personal details (names, emails and birthdays) of 15 million Tokoedia users during a March 2020 hack on the e-commerce site. The hacker asks for assistance to "crack" users' passwords from an even larger database.
Under the Breach, which monitors cyber crime, said on Sunday the hacker had updated the post to offer the details of 91 million users for "$5,000 on the Darknet".
Tokopedia claims more than 90 million monthly active users. The company is backed by $2 billion in funding from investors including SoftBank Group Corp's Vision Fund and Alibaba. It has also been in talks on raising $1 billion to $1.5 billion in pre-IPO funding.