Dark Web News Analysis
Dark web sources report a potential database leak originating from Tries.co.id, an Indonesian e-commerce platform apparently specializing in custom apparel and printing services. The leak was announced and posted on a hacker forum.
Key details:
- Source: Tries.co.id (Indonesian E-commerce).
- Data Content: Unspecified database contents. Given the nature of the site, this likely includes customer Personally Identifiable Information (PII) such as names, email addresses, phone numbers, physical/shipping addresses, order history, and potentially user account credentials (usernames, hashed passwords).
- Availability: Allegedly posted directly on the hacker forum, suggesting potentially free distribution or low-cost sale.
This leak potentially exposes sensitive personal and transactional data of Indonesian consumers.
Key Cybersecurity Insights
This alleged leak signifies a security incident with several concerning implications, typical of e-commerce breaches:
- Customer PII & Credential Exposure: This is the primary threat. The leaked database likely contains a combination of:
  - PII: Full Names, Email Addresses, Phone Numbers, Physical/Shipping Addresses.
  - Credentials: Usernames and Hashed Passwords.
  - Transactional Data: Order History.
  This data package puts affected customers at significant risk.
- High Risk of Credential Stuffing: This is a major immediate consequence. Attackers will use the leaked email addresses and attempt to crack the hashed passwords. These credential pairs will then be used in automated attacks against countless other websites – especially other Indonesian e-commerce sites, banking portals, social media, and email providers – exploiting users who reuse passwords.
- Targeted Phishing & Scam Risk (Multi-Vector): The combination of names, email addresses, phone numbers, physical addresses, and potentially order history allows attackers to craft highly convincing phishing and scam campaigns delivered via:
  - Email: Fake order confirmations, shipping problems, payment issues, or account security alerts impersonating Tries.co.id or related Indonesian services (e.g., JNE, Gojek).
  - SMS/WhatsApp: Similar scams delivered via text or popular messaging apps in Indonesia.
  - Phone Calls (Vishing): Scammers calling users, potentially referencing past orders or addresses to sound legitimate.
- Identity Theft & Fraud: The leaked PII (especially names, addresses, phone numbers) can be aggregated with data from other sources to facilitate broader identity theft or fraudulent account openings.
- Violation of Indonesian Data Protection Law (UU PDP): This leak constitutes a breach under Indonesia’s Law No. 27 of 2022 concerning Personal Data Protection (UU PDP), fully effective since October 17, 2024. This mandates:
  - Notification (within 72 hours) to the relevant authority (likely Kominfo or the forthcoming Data Protection Agency).
  - Notification to affected data subjects (the customers).
  - Potential for significant administrative sanctions and fines against Tries.co.id.
Mitigation Strategies
Response strategies should prioritize verifying the breach, protecting users from credential abuse and scams, and ensuring regulatory compliance:
- For Tries.co.id: IMMEDIATE Investigation & Response.
  - Verify Leak & Scope: Urgently verify the authenticity of the leak and its scope (number of records, specific data fields, timeframe). Engage internal IT/security or external experts. Determine the source of the leak (e.g., website vulnerability, database misconfiguration, API flaw, third-party compromise) and contain it immediately.
  - Notify Authorities & Users: Fulfill mandatory reporting obligations under UU PDP to the Indonesian authorities within 72 hours. Notify all affected customers promptly and transparently. Explain what data was exposed and the specific risks (credential stuffing, multi-vector phishing). Provide clear guidance.
  - Force Password Reset & Mandate MFA: Immediately force password resets for ALL user accounts. Implement strong password policies. Implement Multi-Factor Authentication (MFA) for user accounts and strongly encourage its use.
  - Enhanced Monitoring: Implement enhanced monitoring for suspicious login attempts, account takeover signs, and potential further data exfiltration attempts.
  - Security Audit: Conduct a thorough security audit of the e-commerce platform, database security, API endpoints, and server configurations. Address identified vulnerabilities.
- For Affected Tries.co.id Users: Assume PII & Credential Compromise.
  - Change Tries.co.id Password IMMEDIATELY: Reset your password to a strong, unique one. Enable MFA if offered.
  - CRITICAL: Change Reused Passwords Everywhere: Identify ANY other online account (email, banking, social media, other e-commerce) where you used the same or a similar password as Tries.co.id. CHANGE THOSE PASSWORDS IMMEDIATELY to unique ones. Use a password manager.
  - Extreme Phishing Vigilance (Multi-Channel): Be extremely suspicious of unsolicited emails, SMS messages, WhatsApp messages, and phone calls that reference Tries.co.id, past orders, deliveries, or payment issues. NEVER click links, provide credentials, give out personal/financial info, or make payments based on such contacts. Verify independently through the official Tries.co.id website or app only.
  - Monitor Finances: Keep an eye on bank accounts and payment methods used on Tries.co.id for any unauthorized activity.
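Detection logic for the "Enhanced Monitoring" item above, added here as an example and not taken from Tries.co.id or Brinztech: it flags source IPs that try many distinct accounts with a high failure rate (the credential-stuffing pattern) and lists the accounts that logged in successfully from those IPs. The log format, thresholds, addresses and account names are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample auth log; the format (ISO time, source IP, account, outcome) is an assumption.
SAMPLE_LOG = """\
2025-01-10T03:00:01 203.0.113.7 ani@example.com FAIL
2025-01-10T03:00:03 203.0.113.7 budi@example.com FAIL
2025-01-10T03:00:05 203.0.113.7 citra@example.com FAIL
2025-01-10T03:00:08 203.0.113.7 dewi@example.com OK
2025-01-10T03:00:11 203.0.113.7 eko@example.com FAIL
2025-01-10T03:00:14 203.0.113.7 fajar@example.com FAIL
2025-01-10T03:01:00 198.51.100.20 gita@example.com FAIL
2025-01-10T03:01:20 198.51.100.20 gita@example.com FAIL
2025-01-10T03:01:45 198.51.100.20 gita@example.com OK
"""

def parse(log_text):
    """Yield (time, ip, account, succeeded) for each line that has four fields."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines instead of stopping the detector
        ts, ip, account, outcome = parts
        yield datetime.fromisoformat(ts), ip, account.lower(), outcome == "OK"

def detect_stuffing(log_text, window=timedelta(minutes=5), min_accounts=5, min_fail_ratio=0.8):
    """Flag IPs that try many distinct accounts, mostly failing, within one window.

    Returns {ip: sorted accounts that logged in successfully from that IP}.
    Those accounts are takeover candidates: end their sessions and force a reset.
    """
    recent = defaultdict(deque)   # ip -> events still inside the sliding window
    successes = defaultdict(set)  # ip -> accounts with any successful login
    flagged = set()
    for ts, ip, account, ok in sorted(parse(log_text)):
        q = recent[ip]
        q.append((ts, account, ok))
        while ts - q[0][0] > window:  # drop events older than the window
            q.popleft()
        if ok:
            successes[ip].add(account)
        accounts = {a for _, a, _ in q}
        fail_ratio = sum(1 for _, _, s in q if not s) / len(q)
        if len(accounts) >= min_accounts and fail_ratio >= min_fail_ratio:
            flagged.add(ip)
    return {ip: sorted(successes[ip]) for ip in sorted(flagged)}
```

A single user mistyping their own password (the second IP in the sample) is not flagged, because only one account is involved; tune `min_accounts` and `min_fail_ratio` against normal traffic before alerting on them.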
Questions or Feedback? This analysis is based on threat intelligence from a dark web forum. E-commerce breaches frequently lead to widespread credential stuffing and targeted phishing attacks. Brinztech provides cybersecurity services worldwide and does not endorse or guarantee the accuracy of external claims. For any inquiries or to report this post, please email: contact@brinztech.com