The Indonesian communications ministry has been investigating the reports of the leaked personal data of IndiHome subscribers, after their browsing history data was leaked through illegal websites in August 2022, said Indonesia media reports.
Indonesia's telecommunication operator Telkom Indonesia and IndiHome group have not been able to confirm the reports of IndiHome's users' leaked data - as the ministry will have to confirm the matter and recommend technical improvements for protecting Telkom's personal data while coordinating this issue with the National Cyber and Crypto Agency (BSSN), reported Kominfo . In addition, Semuel Abrijani Pangerapan, the Communications and Informatics director of general informatics application said that the ministry will ask Telkom to keep up with its reports, reported Anatara News .
According to reports, browsing history, dates, passwords, domains, platforms, and URL links were the exposed data. On the other hand, other confidential and sensitive data, such as email addresses, sex, phone numbers, and residence identification cards were also leaked.
Last September, another such incident also occurred where Indonesia government said it was investigating a suspected security flaw in a COVID-19 test-and-trace app after the data of 1.3 million users from the health ministry's electronic Health Alert Card (eHAC) app were exposed in an open server, multiple media reports including Reuters and CNN Indonesia said. According to a report by cybersecurity research firm vpnMentor published on 30 August 2021, the leaked data contained ID, address, and health history.
Data breaches have become commonplace in this digital world. In July last year, Bank Rakyat Indonesia's insurance division, BRI Life, also investigated allegations that personal information of more than two million of its customers had been advertisers for sale by "unidentified hackers". This followed a Reuters report found that "multiple computers belonging to BRI and BRI Life employees had been compromised".
An IBM study done in 2021 found that the average cost of a data breach increased by nearly 10% year-over-year to US$4.24 million, the largest single-year cost increase in the last seven years. The average cost was also US$1.07 million higher in breaches where remote work was a factor in causing the breach, compared to those where remote work was not a factor.
Related Articles:
Indonesian Communications ministry's IG flooded with negative comments, reverses PayPal block
