TEMPO.CO, Jakarta - Cybersecurity and digital forensics expert Alfons Tanujaya criticized the Indonesian government for repeatedly failing to protect sensitive data. The latest incident involves the alleged leak of personal information belonging to civil servants (ASN), which was offered for sale for US$10,000 or Rp160 million on the dark web, BreachForums.
“As the saying goes, a donkey doesn't fall into the same hole multiple times, but maybe there are a lot of donkeys,” Alfons said in a video release on Tuesday, August 13, 2024.
The alleged ASN data leak was previously brought up by the Indonesian cyber research institution, Communication and Information System Security Research Center (CISSReC), on social media. This institution said that an anonymous hacker, TopiAx, offered 4,759,218 rows of data claimed to be the BKN data on BreachForums on August 10, 2024.
The leaked data includes sensitive information, such as place and date of birth, title, employee registration number (NIP), and employment details. Alfons stressed that the leaked data could be used for malicious purposes in the digital realm, lamenting the recurring data breach despite the government’s vow of evaluation.
Following the hacking of the Temporary National Data Center (PDNS) 2 in Surabaya last July, the government planned to review the data center facility.
Alfons also urged the government to dismiss incompetent IT managers in protecting the servers and clouds “We have to learn from large institutions about how they manage data,” he said.
Vino Dita Tama, Acting Head of the Public Relations, Legal, and Cooperation Bureau of the State Civil Service Agency (BKN), confirmed that his institution acknowledged the alleged data breach. However, the BKN is still confirming the authenticity of the data along with the National Cyber and Encryption Agency (BSSN) to investigate the case.
“An investigation is underway,” Vino told Tempo on Sunday, August 11, 2024. He claimed that no electronic systems for the public had been disrupted after news of the ASN data leak emerged. However, the public is still advised to update their passwords as a precautionary measure.
Comments
Post a Comment