Regarding Leaked NPWP Data, Kemenkominfo: There Are Legal Sanctions For Those Who Leak

The Director General of Information and Public Communication of the Ministry of Communication and Information, Prabu Revolution, conveyed his presentation to reporters at the Ngopi Bareng Kominfo event in Jakarta, Friday (13/9/2024). (DOC. ANTARA PHOTO)

The data leak of the Taxpayer Identification Number (NPWP) which has recently gone viral on social media because it was traded, was finally responded to by the Ministry of Communication and Information (Kemenkominfo).

Through, the Director General of Information and Public Communication (Dirjen IKP) of the Ministry of Communication and Information, Prabunindya Revta Revolution, said that in line with the statement of the Directorate General of Taxes (DJP) there was no data leakage and inter-related institutions continued to collaborate in investigations and mitigation.

"Our statement is of course the same as the DGT. It has been stated in an official statement that DGT, Kominfo, BSSN and Polri are coordinating intensively," Prabu said when confirmed, quoted from ANTARA, Saturday, September 21.

The official statement from the Ministry of Communication and Information also emphasizes the existence of the Personal Data Protection Law (UU PDP) which states that there are legal sanctions for parties who violate or leak public personal data.

Prabu said that the regulation stipulates that every party who discloses personal data that does not belong to him can be sentenced to a maximum imprisonment of 4 (four) years and/or a maximum fine of IDR 4 billion.

Meanwhile, those who use personal data instead of theirs can be sentenced to a maximum imprisonment of 5 (five) years and/or a maximum fine of IDR 5 billion.

Regarding the legal process for the alleged data leak, Prabu said the legal process would be handled by the National Police as law enforcement officers in accordance with the provisions of the applicable laws and regulations.

"The Ministry of Communication and Information continues to urge the public to maintain a conducive and active information climate to maintain data security by changing passwords periodically and avoiding suspicious links and files in order to avoid data theft," said Prabu.

Previously, on Friday (20/9), the Directorate General of Taxes (DJP) of the Ministry of Finance (Kemenkeu) had stated that there was no indication of leakage of taxpayer number principal data (NPWP) on the DGT information system.

"Based on the research that has been carried out, log access data in the last six years shows that there are no indications that lead to data leakage directly from the DGT information system," said Director of Counseling, Services, and Public Relations of the Ministry of Finance Dwi Astuti in Jakarta, Friday.

Dwi emphasized that the scattered data structure is not a data structure related to the implementation of the rights and fulfillment of tax obligations of taxpayers.

Furthermore, the DGT stated that it will continue to maintain the confidentiality of taxpayer data and improve security on information systems and agency-owned infrastructure.

The alleged leak of NPWP data emerged after the founder of the Indonesian Ethical Hacker Teguh Aprianto uploaded a screenshot of the Breach Forums site.

Through the @secgron X account, he said as many as 6 million NPWP data were traded on the site by an account named Bjorka on September 18, 2024.