Rows Of Data Leaks After The PDNS 2 Attack, Starting From BPJS Ketenagakerjaan To The Directorate General Of Hubud

Illustration of the Directorate General of Civil Aviation (photo: Ministry of Transportation)

JAKARTA - Data leaks continue to occur in Ministries/Institutions in Indonesia. Most recently, members of the BreachForums uploaded data from the Directorate General of Indonesian Air Transportation from the Indonesian Ministry of Transportation.

Found by user X @FalconFedsio, the leaked database of more than 3GB contains employee data, passwords for all application and website users, employee ID cards, drone pilot participant certificates, and flight data related to aircraft.

Previously, the same account also posted data leaks from BPJS Ketenagakerjaan which included full names, date of birth, email address, telephone number, age group, address, postal code, province, and others.

🚨 Indonesian Directorate General of Civil Aviation Data Breach 🚨A member of BreachForums has posted about a significant data breach involving the Indonesian Directorate General of Civil Aviation. The leaked database, over 3GB in size, includes employee data, passwords for all… pic.twitter.com/6VW63dP1G0

— FalconFeeds.io (@FalconFeedsio) June 28, 2024

Indonesian Directorate General of Civil Aviation Data Breach A member of BreachForums has posted about a significant data building the Indonesian Directorate General of Civil Aviation. The lectured database, over 3GB in size, includes employee data, passwords for all... pic.twitter.com/6VW63dP1G0

Not only that, not long after the news of the previous data leak, there was also data from the Denpasar City One Stop Integrated Service and Investment Service which leaked on illegal sites, which includes company names, status, addresses, emails, telephone numbers, user names, project sites, investments, and others.

However, in a statement received by VOI, the Deputy for Communication for BPJS Employment, Oni Marbun said that the results of the investigation revealed that the data did not come from the BPJS Employment database system.

"Meski demikian, kami akan tetap melakukan langkah-langkah preventif penguatan sistem keamanan teknologi informasi terhadap potensi gangguan data dengan peningkatan protection dan ketahanan sistem," ujarnya.

The Director of Information Application Control at the Ministry of Communication and Information, Teguh Arifiyadi, has also said that his party has received an investigative report regarding the alleged leakage of BPJS Ketenagakerjaan data.

"From our team to investigate first, then we will determine whether this is a true incident or not, or an old incident," Teguh told the media on Friday, June 28.

This data leak comes after Cipher's Brain ransomware attack recently hit the Temporary National Data Center (PDNS) 2.

It is not yet known whether a series of cases of data leakage have anything to do with the PDNS 2 ransomware or not. Until this article was written, the National Cyber and Crypto Agency (BSSN) had not provided an official statement when contacted by VOI.