Tech in Asia suffers massive data breach, exposing over 221,000 users' information

Tech in Asia, a prominent technology news outlet, has confirmed a significant data breach affecting over 221,470 users. The breach, attributed to the threat actor Sanggiero, resulted from exploiting several security flaws in the company’s API and other vulnerabilities. This infiltration enabled unauthorized access to users’ full names, roles, display names, email addresses, and registration dates.

The news website acknowledged the breach and confirmed that only its Indonesian site was compromised, not the main website. The company emphasized that no account passwords were leaked and is implementing additional measures to safeguard user data. In a statement, Tech in Asia stated, "Only email addresses and names were leaked; account passwords remain secure. We are further ensuring our users’ data remains safe."

The breach’s details emerged after Sanggiero published the stolen data on Breach Forums, a popular hacking forum. Sanggiero claimed that the sensitive information was breached in June 2024. The incident follows another significant data breach involving IntelBroker, where data from major UK-based international financial services firms Barclays and HSBC were exposed in a joint attack with Sanggiero.

Founded in August 2010 and headquartered in Singapore, Tech in Asia covers startups and innovation across Asia. The data breach has raised concerns about potential identity theft and targeted attacks on the affected users. The exposed data, which includes sensitive user information, underscores the importance of robust cybersecurity measures to protect user information against such threats.