Police Inafis Data Leaks On Dark Web, BSSN Ensures It's Old Data

JAKARTA - Not long ago, on X there was a lot of discussion about data leaks targeting the Indonesia Automatic Fingerprint Identification System, a system to automatically identify through fingerprints.

First discovered by the X account @FalconFedsio, the data leaked on this dark site includes sensitive data such as fingerprint images, emails, and SpringBoot applications with configuration properties.

Breach of Indonesia Automatic Fingerprint Identification System (INAFIS)Date: June 22, 2024Leaked by: MoonzHaxor on BreachForumsSummary:MoonzHaxor, a member of BreachForums, has uploaded a significant data breach involving the Indonesia Automatic Fingerprint Identification… pic.twitter.com/jja3QfPy4C

— FalconFeeds.io (@FalconFeedsio) June 22, 2024

Breach of Indonesia Automatic Fingerprint Identification System (INAFIS)Date: June 22, 2024Leaked by: MoonzHaxor on BreachForumsSummary:MoonzHaxor, a member of BreachForums, has uploaded a significant data beach involving the Indonesia Automatic Fingerprint Identification... pic.twitter.com/jja3QfPy4C

In the post, which includes screenshots of the dark site, it also highlighted an offer to sell this compromised data for 1000 US dollars or around Rp. 16.4 million.

Responding to this issue, the Head of the National Cyber and Crypto Agency (BSSN) Hinsa Siburian has coordinated with the police, and confirmed that the leaked data is old data.

"So of course we cross-check, we confirm with the Police. Is this really your data? They say there is data, indeed old data. That is their provisional answer," said Hinsa on Monday, June 24 at the Kominfo office.

Despite the issue of the leak, Hinsa ensured that all POLRI Inafis services and systems were running well to date.

"And we have confirmed this with the Police. That it is their old data that is traded on the dark web. My father is very respectful, that's roughly what I can say," he concluded.