BSSN Traces Leaking Hole For COVID-19 Patient Data

JAKARTA - 230 thousand data on patients who have undergone the COVDI-19 examination were leaked on the hacker forum. In fact, these data are traded for 200 US dollars or around Rp. 2.8 million.

The leaked data contains fairly complete information, because it includes name, address, Identity Number (NIK), COVID-19 examination results, and status of people under surveillance (ODP) and Patients Under Monitoring (PDP). Some of them are foreign nationals (WNA) who took the rapid test.

In response to this, the National Cyber and Crypto Agency (BSSN) stated that it had coordinated with the Ministry of Health (Kemenkes) and the COVID-19 Task Force to investigate the news. Including finding out where the hackers took the data.

"BSSN has coordinated with the Ministry of Health and the relevant Task Force to ensure that there is no unauthorized access which results in data leaks in the Electronic System and active information assets handling the COVID-19 pandemic," said BSSN spokesman Anton Setiyawan in a written statement, Sunday, June 21.

Not only coordinating, his party has also taken several steps to ensure security in the electronic system belonging to the COVID-19 Task Force. This includes improving coordination between the central and regional governments in the security of patient information data related to handling COVID-19.

In addition, all related parties are also asked to participate in implementing Information Security Management Standards and building a cybersecurity culture. So, irresponsible parties cannot take advantage of breaking into the system and stealing highly confidential data.

"BSSN invites all elements involved in handling the COVID-19 pandemic to always apply Information Security Management Standards and build a cybersecurity culture in managing their electronic systems," said Anton.

Finally, in his statement, Anton reminded that data theft or unauthorized access to an electronic system could be subject to criminal law with up to seven years imprisonment.

"Those who are threatened with a maximum imprisonment of seven years and / or a maximum fine of Rp. 700 million in accordance with Article 46 paragraph 2 of Law 11 of 2008 concerning Electronic Information and Transactions," concluded Anton.

On the other hand, the Minister of Communication and Informatics (Menkominfo) Johnny G Plate said that his party was investigating information on the leakage of COVID-19 patient data together with the National Cyber and Crypto Agency (BSSN). Johnny hopes all databases stay safe.

"We will trace the news and coordinate with BSSN which is in charge of security and data recovery for COVID-19. Kominfo will coordinate to evaluate the data center of ministries / other related institutions. Hopefully other data centers are also safe," said Johnny.