JAKARTA - The Indonesian Cyber Research Institute CISSReC checked the alleged leak of more than 17 million customer data of PT PLN (Persero) whose information the uploader sold the data since Thursday, August 18 night.
"If checked, the sample data provided only fits 10 PLN customers. From the data, it contains a lot of information from PLN customers, for example names, customer IDs, addresses, customer types, and power limits," said Chairman of CISSReC Pratama Persadha when confirmed, Friday August 19 evening.
He said the leak was uploaded on Thursday, August 18 by a forum member with the identity name Loliyta. In the upload, a sample of the data results allegedly contains samples of the PLN customer database.
According to him, the complete sample contains ID, PLN customer identification (idpel), name, consumer name, energy type, kWh, address, meter no, UPI unit, meter type, name of UPI unit, AP unit, name of AP unit, up unit. , and the unit name up.
When checking the customer ID number given to the sample into the payment platform, Pratama said, the name of the customer is listed according to the sample data provided.
"So, it is possible that the leaked data is data from customers belonging to PLN," said Pratama who is also a postgraduate lecturer at the State Intelligence College (STIN).
Actually, he said, 10 samples of PLN customer data from a total of 17 million claimed data could not be proven that there had been a data leak. This is different from the data leaks of BPJS and other large institutions, for example, whose sample data is shared relatively very much, thousands and even millions of data.
"Currently, we need to wait for the hacker to provide more data samples while PLN conducts digital forensics and makes a statement," he said, according to Antara.
The Communication and Information System Security Research Center (CISSReC) team when trying to contact via Telegram, the uploader did not respond, even his account was inactive in the last few days.
If it is proven true, continued Pratama, PLN must learn from various hacking cases that have happened to many other government institutions and institutions.
He views that SOEs need to increase security awareness and strengthen their system. The problem is, the low awareness of cybersecurity is one of the reasons why many government websites are victims of hacking.
"In the country, efforts to repair it already exist, for example the formation of a CSIRT (Computer Security Incident Response Team). This CSIRT will later coordinate a lot with BSSN when a hack occurs," he said.
The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)
