E-commerce firm Lazada has announced that a major security breach has resulted in 1.1 million people’s personal information including addresses and partial credit card numbers being compromised.

The Alibaba-owned company said its cybersecurity team had discovered that someone was claiming to be in possession of personal information from its RedMart customer database during routine monitoring. Lazada was quick to highlight that the information stolen was not recent customer data and more than 18 months out of date. 

However, the e-commerce firm warned customers to beware of potential phishing emails that could try to take advantage of the breach to scam people.

“The customer information that was illegally accessed include names, phone numbers, email and mailing addresses, encrypted passwords and partial credit card numbers,” the company said in a statement.

In response to the cyberattack, Lazada immediately blocked access to the company’s database and claimed that current customer data was not affected. It also said it notified those affected by the hack via email on Friday and, as a security measure, logged every customer out of their existing account before asking them to log back in and create a new password. The company will, going forward, advise customers to change their passwords regularly. 

Lazada is conducting an investigation into the data breach and reported it to the Personal Data Protection Commission in Singapore, which in turn said it’s aware of the incident and is looking into it.

Think your friends would be interested? Share this story!