The personal data of over 279 million Indonesians were allegedly leaked and sold on a hacker platform this month. The data include citizenship identity numbers, identity cards, phone numbers, email addresses, names, home addresses, and salaries.

Indonesia data breach heimdal

Image Source: TEMPO/Aditia Noviansyah

According to the Ministry of Communication and Information, the suspected data breach and its sale are being investigated on the hacker platform “Raid Forums.”

The Ministry of Home Affairs said the allegedly leaked data did not originate from the Population and Civil Registration department.

Information related to the data breach and its leakage first surfaced on social media, claiming to be from the Health Care and Social Security Agency (BPJS Kesehatan).

The spokesman for BPJS Kesehatan, Iqbal Anas Ma’ruf, declared that the agency is also investigating to determine if the leaked data originated from its system. A special team was appointed to immediately find the source of the leak.

BPJS claimed to have a strict and layered data security system in place to ensure personal data confidentiality.

Following the news of the incident, Commission I House of Representative (DPR) legislator Sukamta highlighted the fact that data breaches have happened too often which exposes Indonesia’s cybersecurity weaknesses.

This is how weak our cybersecurity is even though the BPJS always maintains and guarantees the security of its confidential data. Add to the fact that hackers often find themselves updating and improving their skills on constantly updated technologies.

Source

As the latest data breach has posed a critical alarm bell for the country’s weak cybersecurity, fellow Commission I legislator Dave Laksono added that House members intend to quickly pass the draft law on personal data protection.

Indonesia’s Central Information Commission (KIP) has also expressed concern about the pressing issue and pushed for the Personal Data Protection draft to be quickly passed.

It’s safe to say we are facing a personal data protection emergency amidst the wave of new technology developments. Which is why the personal data protection act must be quickly passed and made into law for the sake of people’s security.

Source

This is not the first cyberattack involving personal data leaks in Indonesia.

In 2020, users’ personal information data from users of two leading e-commerce sites, Tokopedia and Bukalapak, was leaked.

Additionally, no less than 2.3 million voter records from the General Election Commission (KPU) have been leaked and sold on online forums.

2021.05.10 QUICK READ

Threat Actors Use Data Leak Marketplaces for Data-Theft Extortion

cover photo for heimdal security news
2021.05.10 QUICK READ

Stolen Data Belonging to 2,100 Companies Leaked in Ransomware Attacks

data leakage prevention cover art
2021.02.18 INTERMEDIATE READ

What You Need to Know About Data Leakage Prevention

2017.09.04 QUICK READ

700+ Million Email Addresses Leaked and Why it Matters to You

data leakage
2016.09.08 INTERMEDIATE READ

All About (Concealed) Data Leakage for Users Like You and Me

Leave a Reply

Your email address will not be published. Required fields are marked *

GO TO TOP