Traces Of Bjorka Hacking: Portrait Of Government Failure To Protect Personal Data

JAKARTA - Andil, the government, maintains personal data, is often questioned. The Ministry of Communication and Information (Kominfo) is not clear about the number of people working to protect personal data. Time and again the data was leaked, from Tokopedia customer data to voter data in the 2014 General Election.

The portrait of the government's failure to maintain data is then clarified by the emergence of hackers such as Bjorka. The anonymous hacker continues to leak personal data from various servers in Indonesia. Bjorka is increasingly opening the government's ulcers in maintaining personal data.

Personal data protection is part of human rights. The data should be stored, maintained, and guaranteed confidentiality. The narrative seems majestic, but only proven on paper.

Personal data protection in Indonesia is very weak if it should not be said to be minimal. Many people become victims. They no longer have privacy. Vulnerable to cyber crime. Instead of governments like Kominfo and the National Cyber and Crypto Agency (BSSN) trying to protect data from private parties, data from government servers alone broke into.

Take for example in 2020, data from 91 million users and seven million Tokopedia sellers are suspected of having an address. Hacking personal data got worse when 2.3 million Indonesian personal data from the 2014 election were successfully broken.

The data leak also spread to other sites such as Redoorz and Creditplus. The government's ignoring gong sound is the leakage of data from hundreds of millions of BPJS Health members.

The data was sold on Raid-Forum at a price of Rp. 84 million. Leaks after leakage of data prove that the government has not carried out its role in supervising, taking action and preventing leaks. In fact, a firm government contribution is needed.

The owner of power must have the courage to impose sanctions on the data manager. Firmness is carried out so that the data manager can immediately correct the shortcomings. Instead, live on to continue the existing trend like a preacher that in other countries is also facing the same problem, while fighting fate.

The government also has no teeth in dealing with data managers. Bad data managers should be sanctioned for not being able to protect managed data. In fact, every time the data is allegedly leaked, the investigation is not transparent.

The sanction, even if there is, only the address is heard. The pretext of the Ministry of Communication and Information that there is no Personal Data Protection Act to crack down on careless data managers is clearly far-fetched. Although not as strong as the law, legal procedures for acting are already tourcantum in Government Regulations on Trade Through Electronic Systems and Government Regulations on Electronic System Implementation," wrote the Timely Report Sue Data Leakage (2022).

The government's assessment of maintaining personal data comes with criticism. The government is considered to be toolittled the personal data affairs. This condition can be seen from the government's living behavior which cannot do much when personal data is broken here and there.

The government's neglect is increasingly shown by the emergence of an anonymous account calling itself Bjorka. Breach Forums Bjorka users continue to tear up the security of personal data spread from various servers, private and government servers.

His first action emerged in 2020. The account was the culprit of the leaking of data on 91 million Tokopedia subscribers in 2020. He also uploaded Tokopedia data on August 19, 2022. He also leaked 270 million Wattpad social media users.

The action continued with the data breach from IndiHome. A total of 26 million IndiHome customer data he then sold to the BreachForums on August 20, 2022. Bjorka's target then increased. He started taking 105 million population data from the General Elections Commission (KPU) and started uploading it on December 6, 2022.

Kominfo also got unlucky. The institution, which should be an example of maintaining security, was instead broken into. Bjorka was also able to get 1.3 billion registration data from Sim Card which began to be uploaded to the BreachForums on August 31.

The rest of Bjorka tried to embarrass state officials. Data on state officials are trying to spread such as the Minister of Communication and Information Johnny G. Plate, Minister of SOEs, Erick Thohir, even to the President of Indonesia, Joko Widodo (Jokowi).

The attempt to embarrass Bjorka's style made the government take immediate action. A special team was created. The team was filled by Kominfo, the State Intelligence Agency, BSSN, and the National Police. The result was nil. Even though some youths from various parts of the archipelago were arrested and accused of being the mastermind of Bjorka's anonymous account.

The absence of evidence is the reason the government released the person accused of being Bjorka. The personal data security affairs in Indonesia have never been resolved. In fact, to this day. The Indonesian government continues to argue that hacking is not only in Indonesia, but in other countries.

"If possible (Bjorka) do not attack. Every time the data leak is harmed, the public, it's illegal access," advised the Directorate General of Informatics Applications (Ditjen Aptika) Kominfo, Semuel Abrijani Pangerapan to Bjorka, in a press conference quoted by the Suara.com page, September 7, 2022.