The personal information of nearly 35 million Indonesian passport holders has been put up for sale on the dark web for $10,000 by a notorious hacktivist named Bjorka, known for criticizing the Indonesian government and exposing damaging information about lawmakers on social media. The government is currently investigating a potential breach of the Directorate General of Immigration’s network.
Security researcher Teguh Aprianto revealed on Twitter that a hacker was selling the details of Indonesian passport holders, including full names, birthdates, genders, passport numbers, and passport validity dates.
As proof of authenticity, the threat actor shared a sample of 1 million data records, indicating that the 4-gigabyte data dump could be purchased for $10,000.
The Indonesian Ministry of Communication and Informatics, also known as Kominfo, is investigating reports of the alleged theft of personal information concerning 34.9 million Indonesians.
While the ministry has not yet confirmed a massive leak of personal data, Director-General of Informatics Applications Semuel A. Pangerapan assured that an in-depth investigation is underway in collaboration with various government agencies.
Threat intelligence company Cyble highlights that Indonesia is among the most targeted nations for cyberattacks in Southeast Asia, with over 11 million reported attacks in the first quarter of 2022 alone.
Reference:
