TheJakartaPost

Please Update your browser

Your browser is out of date, and may not be compatible with our website. A list of the most popular web browsers can be found below.
Just click on the icons to get to the download page.

Jakarta Post

Hacker allegedly breaches govt database on COVID-19 test-takers

  • News Desk

    The Jakarta Post

Jakarta   /   Sun, June 21, 2020   /   07:41 am
Hacker allegedly breaches govt database on COVID-19 test-takers A mother helps her son get tested by Relawan Indonesia Bersatu Lawan COVID-19 (Indonesian Volunteers United Against COVID-19) in Jakarta on June 4. (JP/P.J. Leo)

An unknown hacker has allegedly breached a government database of 230,000 people who have undergone COVID-19 testing.

The hacker, under the username Database Shopping, offered the personal data of COVID-19 test-takers in Indonesia on the data-exchange platform Raid Forums, where another member put up for sale the personal information of 15 million users from homegrown e-commerce unicorn Tokopedia’s internal database for US$5,000.

The as-yet-unidentified user showed an example of the breached data sets, which included personal details such as the names, addresses, ages and nationalities of the patients undergoing COVID-19 testing at several hospitals in Bali.

The data also showed which kind of tests each individual took.

“Indonesia COVID-19 database, 230k [worth of data in the] MySQL [database]. Leak date: May 20, 2020. I sell it to the enthusiast,” user Database Shopping said in a post on raidforums.com on Thursday.

Read also: Robust personal data protection critical in COVID-19 fight

During an interview with the Kompas daily through email, the seller claimed they also breached the database of people participating in testing from other regions, such as Jakarta and Bandung in West Java.

The user put up the complete database for sale for $300.

Responding to the alleged data breach, national COVID-19 task force spokesperson Achmad Yurianto said on Saturday as quoted by kompas.com that they would “leave it to the authority.”

He did not disclose any details regarding the breach.

Data breach cases are on the rise in Indonesia, which has yet to pass a personal data protection bill. In 2013, hackers accessed the information of millions of Indonesian citizens via the General Elections Commission’s website. The data set was claimed to be the final voter list of the 2014 presidential election. (mfp)