250 Million KPU Data Allegedly Leaked, Here's The Response Of Cyber Security Experts

Screenshot of the breach forum page (photo: Dinda/VOI)

JAKARTA - On the first day of the start of the 2024 election campaign, more than 250 million fixed voter data (DPT) from the General Elections Commission (KPU) website were allegedly leaked and sold on illegal sites.

First seen by VOI from the tweet of the X Teguh Aprianto or @secgron account, a cybersecurity consultant, as well as a founder from Ethical Hacker Indonesia on Tuesday, November 28.

In his post, Teguh, who also attached a screenshot of the beach forum, said 'Not yet an election and knows the results, but all of our latest personal data has been leaked first.'

Belum juga pemilu dan tau hasilnya gimana tapi data pribadi kita semua yang terbaru malah udah bocor duluan.Sungguh berguna sekali kalian @kemkominfo, @BSSN_RI dan @KPU_ID 👍🏻 pic.twitter.com/9Tkvj07jLH

— Teguh Aprianto (@secgron) November 28, 2023

Not yet an election and know the results but all of our latest personal data has been leaked first. It's really useful for you @kemkominfo, @BSSN_RI and @KPU_ID pic.twitter.com/9Tkvj07jLH

The alleged leaked data includes full name, NIK, NKK, ID card/Passport number, gender, place and date of birth, marital status, and also an address that includes RT/RW.

This data is sold at a price of 74,000 US dollars or equivalent to Rp1.13 billion. Hackers who use the name Goodminton also provide 500 thousand free samples that can be seen by everyone.

Pratama Persadha as Chairman of the CISSReC Cyber Security Research Institute claimed to have verified sample data through the cendpt website, and the data released by the Cendpt website is the same as the sample data shared by hackers, including the TPS number where voters are registered.

Jimbo also conveyed in a post on the forum that the 252 million data he managed to obtain were several duplicated data, where afterTEN did the screening, there were 204,807,203 unique data where this number is almost the same number of voters in the KPU Permanent DPT, which amounted to 204,807,222 voters from 514 regencies/cities in Indonesia and 128 representative countries," said Pratama in an official statement received by VOI.

Based on another screenshot shared by Goody, Pratama predicts that it is very likely that fire will gain login access with the KPU Admin role from the sidalih.kpu.go.id domain using the phishing method, social engineering or through malware.

"Where by having access from one of these users please download voter data and several other data. CISSREC has also previously given an alert to the KPU chairman about vulnerability in the KPU system on June 7, 2023," he added.

Furthermore, Pratama said, if the prediction is correct, this could be very dangerous at the election democracy party which will soon be held because it is possible that the account with the admin role can be used to change the results of the vote count recapitulation.