26 August 2021
In a post on the RaidForums website on Tuesday, an unnamed user said they were selling a collection of 460,000 documents compiled from the user data of over two million BRI Life clients for $7,000. The post was accompanied by a 30-minute video of the documents, which included bank account details, as well as copies of Indonesian identification cards and taxpayer details.
According to cybersecurity firm Hudson Rock, the data was leaked after computers belonging to BRI and BRI Life employees were hacked. The firm claimed to have identified several of the computers in question at the two companies.
This is not the first time that data belonging to the Indonesian people has been leaked and traded in cyberspace. Previously, the @underthebreach account had also revealed the alleged leak of data on 200 million Indonesians from the KPU website, and not long ago, millions of BPJS Health records were also leaked and sold on the RaidForums online forum.
Seeing that data leaks in Indonesia are becoming more frequent over time, Protergo held a webinar titled “What can we learn from the Explosion of Data Leakage in Indonesia”.
This webinar was hosted by Marco Cioffi and Christian Jordy, cybersecurity experts from Protergo. It was attended by various institutions in Indonesia, including financial institutions such as PT Wahana Payment Indonesia (Paylabs), PT Solid Gold Futures, and PT Sun Life Financial, as well as educational, IT, transportation, and health institutions.
At the event, the speakers discussed the recent data leak cases in Indonesia, the risk factors that enabled attackers to penetrate the infrastructure of an organization or company, and what institutions can learn to prevent these incidents and minimize their risks.
One of the main takeaways from this event is that good cybersecurity readiness is essential for every organization, regardless of its size. Many of these data leaks were the result of negligence: the organizations did not have a Security Operation Center (SOC) and had set aside regular external threat monitoring and vulnerability assessments. This allowed the perpetrator to use brute-force attacks to gain access to the targeted data without being noticed.
To minimize the risk of this cyber threat, Protergo offered its SOC (AlienVault) service, which operates 24/7 to ensure operational security, as well as regular penetration testing to ensure system security and reduce the risk of unauthorized access and suspicious activity within the system.