Make Sure There Is No Data Leakage, Kominfo Calls PLN Management
JAKARTA - The Ministry of Communication and Information (Kominfo) has summoned the management of PLN regarding the alleged data leakage of users of the State Electricity Company (PLN). Director General of Informatics Applications Semuel A. Pangerapan said his party was still exploring and exploring further.
"The Ministry of Communication and Information has also summoned PLN's management on Saturday, August 20, 2022 to ask for information on the alleged data leak," Samuel said in an official statement, Monday, August 22.
Samuel added, currently PLN has carried out an ongoing evaluation of the PLN cyber security system, and at the same time PLN has also improved the personal data protection system for PLN customers.
PLN also said that the operational system of PLN's information technology is still in a safe condition and public services are still running well.
Meanwhile, efforts to improve the security of PLN's personal data protection system are also being carried out together with the National Cyber and Crypto Agency (BSSN). The Ministry of Communications and Informatics has submitted technical recommendations to PLN to improve the protection of personal data of PLN customers.
"Furthermore, the Ministry of Communications and Informatics will continue to review the fulfillment of PLN's obligations to the applicable personal data protection provisions and other related obligations in accordance with statutory regulations," he continued.
Previously, PLN also investigated and handled customer data exposed on the internet. PLN is also supported by the Ministry of Communication and Information (Kominfo) and the National Cyber and Crypto Agency (BSSN) to provide protection for people's personal data.
"We continue to coordinate with Kominfo and BSSN to find sources of customer data circulating on the internet as well as efforts to increase security," said PLN spokesman Gregorius Adi Trianto to VOI.
The search results until Saturday, August 20 at 13.00 WIB, the actual customer data system of PLN is safe and not entered by outside parties. Checks are carried out on PLN's main data center through systems from various perimeters and all are in safe condition.
Judging from some of the data that has appeared on social media, the data is a general and non-specific replication of customer data, which was allegedly taken from the customer data dashboard application for analytical data purposes.
"This data is not real customer transaction data and is not updated, so it is not expected to have a major impact on customers. In general, electricity services to customers are not disrupted," said Gregorius.
PLN has and continues to implement layered security with BSSN for very strict security measures with the aim of strengthening and protecting customer data.
"In accordance with applicable regulations, we as Electronic System Operators (PSE) will of course process this further with the assistance of the Ministry of Communication and Informatics and follow up on recommendations to complete investigations and joint remedial steps, so that personal data remains protected," he concluded.