Cyber Incident Victim: RedMart

Date: Oct 2020

Location: Singapore

Summary

A data breach at an e-commerce platform compromised personal information from approximately 1.1 million user accounts affiliated with its online grocery subsidiary. The stolen data included names, phone numbers, email and mailing addresses, encrypted passwords, and partial credit card numbers. The parent company confirmed unauthorized access to its customer database, after which the extracted records appeared for sale on an online forum.

Description

On or around October 30, 2020, a significant data breach impacted RedMart, an online grocery service owned by Lazada. The incident involved unauthorized access to a customer database containing the personal information of approximately 1.1 million user accounts. Attackers extracted this data and subsequently offered it for sale on an online forum. Lazada confirmed the breach publicly through a spokesman, disclosing that compromised records included customer names, phone numbers, email addresses, physical mailing addresses, encrypted passwords, and partial credit card numbers. The company emphasized that while passwords were encrypted—potentially reducing immediate credential misuse risks—the exposure of partial payment card details raised concerns about ancillary fraud vectors. No evidence suggested full credit card data or unencrypted credentials were compromised beyond the stated parameters.

The breach’s primary impact stemmed from the scale of exposed personally identifiable information (PII), affecting nearly all RedMart users at the time. Exfiltrated data types created risks of targeted phishing, identity theft, and social engineering attacks against affected individuals. While partial credit card information limited direct financial fraud opportunities, attackers could leverage mailing addresses and contact details for physical scams or credential-stuffing attacks against reused passwords elsewhere. Lazada’s confirmation occurred concurrently with public reporting of the data’s appearance on illicit forums, indicating external discovery preceded or coincided with internal detection. The company did not specify the breach’s root cause, intrusion timeline, or containment measures but acknowledged the incident through formal statements to media outlets without initially notifying customers directly.
