TheJakartaPost
Please Update your browser
Your browser is out of date, and may not be compatible with our website. A list of the most popular web browsers can be found below.
Just click on the icons to get to the download page.
Care and protect?: Apparent govt health app breach raises deeper data concerns
Change Size
The government is back in the spotlight for failing to protect citizens’ data following an alleged breach of COVID-19 tracking app PeduliLindungi – the second apparent hack of a state database since a national privacy law was enacted in October. (Shutterstock/PopTika)
T
he government is back in the spotlight for failing to protect citizens’ data following an alleged breach of COVID-19 tracking app PeduliLindungi – the second apparent hack of a state database since a national privacy law was enacted in October.
Last week, the pseudonymous hacker Bjorka, who previously claimed to have obtained and leaked the personal data of President Joko “Jokowi” Widodo and his ministers, offered 3.2 billion data entries allegedly belonging to users of the PeduliLindungi app for sale on the hacking site Breach Forums for US$100,000 in bitcoin. The data included users’ contact details, ID card details, travel history, vaccination status and COVID-19 test results.
The government uses the effectively mandatory PeduliLindungi for COVID-19 contact tracing and vaccination verification.
Officials from the Cyber and Crypto Agency (BSSN); the Communications and Information Ministry and state-owned telecommunications firm Telkom, which created the app; and the Health Ministry, which manages the app’s data, say they are still investigating the alleged breach and verifying the authenticity of the stolen data.
“We have coordinated and started data validation and investigation to verify the alleged data leak of PeduliLindungi," BSSN spokesperson Ariandi Putra told The Jakarta Post on Friday.
Health Minister Budi Gunadi Sadikin has denied that the data came from the PeduliLindungi database, which is managed by his office, kompas.com reported.
The incident comes less than a week after Bjorka put 44 million personal data entries apparently belonging to users of fuel payment app MyPertamina up for sale on the same hacking forum. The claimed leak is under investigation by state-owned oil and gas giant Pertamina.
