SINGAPORE (Reuters) – Singapore e-commerce firm Lazada said on Friday that customer information including names, addresses and partial credit card numbers had been illegally accessed in a breach reportedly impacting 1.1 million accounts.
The Alibaba-owned firm said in an email to customers that the information was taken from a database of its grocery arm RedMart that was more than 18 months old.
“The customer information that was illegally accessed include the names, phone numbers and addresses, encrypted passwords and partial credit card numbers of RedMart customers,” Lazada said in the email seen by Reuters.
Lazada added that it had moved to block access to the data and that its current customer data was not affected.
Lazada did not immediately respond to a request for further comment.
Singapore’s main broadcaster ChannelNewsAsia said a Lazada representative had confirmed that 1.1 million accounts were accessed, a major breach in the city-state of 5.7 million.
(Reporting by John Geddie and Chen Lin; editing by Jonathan Oatis)