Allegations Of BKN Bocor Data, Kominfo Collaborates With BSSN To Conduct Search

Illustration of someone surfing the internet in the midst of threats of frequent leaks of personal data. (Pixabay)

Deputy Minister of Communication and Information (Wamenkominfo) Nezar Patria stated that his party was investigating the alleged data leak of the State Civil Service Agency (BKN). The search is in collaboration with the National Cyber and Crypto Agency (BSSN).

"It's being investigated, we are also working with BSSN, because there is a lot of information that mentions the leak of this data," said Nezar in Jakarta, Monday, August 12, quoted by Antara.

Nezar said the search was carried out to ascertain the truth of the alleged data leak that was reported.

According to him, often the data that is claimed to have been leaked by the perpetrators on the dark web is actually not real data.

"Sometimes the leaked data is not data as claimed by the perpetrators on the dark web. That's why we are currently investigating," said Nezar.

The CISSReC Cyber Security Research Institute revealed that personal data leaks were still happening again ahead of the 79th Anniversary of the Republic of Indonesia, this time the victim of the hack was the State Civil Service Agency (BKN).

"This finding originated from a post from hacker with the anonymous name TopiAx in Breachforums on Saturday, August 10, 2024," said Chairman of the CISSReC Cyber Security Research Institute Dr. Pratama Persadha when confirmed in Semarang, Sunday 11 August morning

In his upload, said the graduate lecturer at the State Intelligence College (STIN), hackers claimed to get data from BKN in the amount of 4,759,218 rows containing very many data, including name, place of birth, date of birth, title, date of CPNS, date of civil servants, NIP, number of SK CPNS, and number of SK PNS.

Other data, namely groups, positions, agencies, addresses, identity numbers, cellphone numbers, email (email), education, majors, and years of graduation.

In addition to these data, there are many other data, both in the form of cleartext (information stored or sent in unencrypted form) and text that have been processed using cryptographic methods.

In the post, Pratama continued, hackers who had joined the usual forum for buying and selling the hacks offered all of the data amounting to US$10,000 (around Rp160 million).

This cybersecurity expert revealed that hackers also shared data samples containing 128 ASNs from various agencies in Aceh.

Regarding this, the CISSReC has conducted random verification of 13 ASN whose names are listed in the data sample via WhatsApp.

"They think the data is valid even though someone informed about the last digit writing error on the NIK and NIK fields," said Pratama.