BSSN Assistant To The Ministry Of Law And Human Rights Handles Allegations Of Leaking Passport Data Of 34 Million Indonesian Citizens

DOK ANTARA/Fikri Yusuf

JAKARTA - The National Cyber and Crypto Agency (BSSN) revealed that it together with the Ministry of Law and Human Rights (Kemenkumham) are currently still in the process of assisting in handling incidents for alleged passport data leaks of 34 million belonging to Indonesian citizens (WNI).

This is part of the coordination that has been carried out by BSSN with related parties including the National Data Center team of the Ministry of Communication and Information (Kemenkominfo), the Directorate of Government Information Application Services (LAIP) of the Ministry of Communication and Information, CSIRT Kemenkumham, Pusdatin Kemenkumham, and the Directorate General of Immigration.

"Until now, the BSSN technical team together with the technical team of the Ministry of Law and Human Rights are assisting in handling incidents, validation and investigations of the alleged incidents of leakage of Indonesian citizens' passport data", said BSSN spokesman Ariandi Putra as quoted by ANTARA, Friday, July 7.

In addition to data investigations, BSSN and the Ministry of Law and Human Rights also carry out several risk mitigation measures so that existing data is maintained and does not interfere with related services.

In addition, BSSN appeals to Electronic System Operators (PSE) and other related ecosystems to be able to improve the security of their personal data so as not to be infected with cyber crime.

"BSSN appeals to all Electronic System Operators, Personal Data Control, and Personal Data Subjects to always improve the security of the personal data and electronic systems operated", said Ariandi.

Previously, the Ministry of Communication and Information had issued a statement related to the handling of alleged passport data belonging to 34 million Indonesian citizens (WNI).

At that time, the Ministry of Communication and Information revealed that the coordination team could not conclude that data leaks had occurred.

The Director General of Information and Public Communication (IKP) of the Ministry of Communication and Information, Usman Kansong, also said that there was a difference in the data structure between what was placed in the National Data Center (PDN) and the data that was suspected of being leaked.

The initial search began after cybersecurity practitioner Teguh Aprianto tweeted @secgron saying that the Passport Data of 34 million Indonesian citizens had been hacked.

Teguh explained that the leaked information data included passport numbers, validity date for passports, full names, date of birth, and gender and it was known that the data was sold for 10 thousand US dollars or around IDR 150 million.

There is also information regarding the capacity of the compressed and uncompressed data as large as 4GB, the amount of data is 34,900,867, it was broken into in July 2023, the CSV format, and the country of origin, namely Indonesia.