Reports have emerged about an alleged massive data leak of Indonesian hospital patients’ medical information being sold in an illegal internet forum. Hackers claimed to have breached the Indonesian Health Ministry centralized server to obtain the data.
According to a report by Antaranews, the data that were sold in the dark web contains 720 GB of personal medical information from a number of hospitals.
The uploader, the report stated, sold it at Raidforums and released 6 million of the personal data which includes the names of the patients, hospitals they were treated at, patients’ photos, x-ray scans, and Covid-19 test results.
The Indonesian Health Ministry on Thursday announced that it is investigating the alleged data breach. “We are assessing the problem and evaluating our systems,” said Health Ministry Chief Digital Transformation Officer Setiyaji on January 6.
The spokesperson for the Communication and Informatics Ministry, Dedy Permadi, said this issue is being looked into. He also informed that the Health Ministry has coordinated efforts with the National Cyber and Encryption Agency (BSSN).
“The Minister of Communications and Informatics has been ordered to communicate intensively with the Health Ministry and begin the investigation, ” said Permadi on Thursday.
Kominfo urged every public and private electronic system (PSE) operators, especially those managing personal data, to pay attention to the processing of personal data and avoid data leak.