Dark Web News Analysis
A threat actor on a known cybercrime forum is advertising the alleged sale of a database taken from an Indonesian government database website. This claim, if true, represents the most severe, nation-scale data breach in Indonesia’s history, providing a “fullz” (full information) package for mass identity theft.
This is not an isolated incident. It is the catastrophic escalation of a systemic, multi-year cyber-crisis that has seen Indonesia’s public and private sectors hollowed out by attackers throughout 2024 and 2025. This new breach follows:
- The PDNS Ransomware Attack (June 2024): The “Brain Cipher” ransomware attack on the National Data Centre (PDNS) crippled 282 public services.
- The Ministry of Transportation Leak (Nov 2025): A 246GB data leak.
- The Ministry of Education Leak (Feb 2025): A 25GB data breach.
- The Rata Clear Aligners Breach (Nov 2025): A healthcare breach exposing sensitive PII/PHI.
This new leak is a “worst-case scenario” because the data for sale is a complete Know Your Customer (KYC) identity kit, including:
- National ID Numbers (KTP)
- Full Names, Addresses, Emails, WhatsApp Numbers
- Banking Details (Bank Name, Account Number)
- Employment Information (Institution, Position, NIP)
- Direct URLs to Selfie and KTP (ID card) Images
This provides a complete toolkit for criminals to bypass identity verification at banks, crypto exchanges, and other high-security platforms.
Key Cybersecurity Insights
This alleged data breach presents a critical and immediate threat:
- Extensive PII and Financial Data Compromise: The breach exposes a comprehensive set of highly sensitive personal and financial data, including national ID numbers, bank accounts, and photographic identification, enabling severe identity theft and financial fraud.
- Government Sector Vulnerability: A government database compromise signifies a critical security failure within public infrastructure, impacting citizen trust and potentially exposing national security-related information due to the depth of individual profiles.
- High Risk of Impersonation and Sophisticated Social Engineering: The combination of official IDs, photos, personal contact details, and employment information provides attackers with sufficient data to craft highly convincing impersonation schemes and targeted social engineering attacks.
- Severe PDP Law Violation: This is a catastrophic breach of Indonesia’s new Personal Data Protection (PDP) Law, which came into full enforcement in October 2024. The responsible agency faces crippling fines (up to 2% of annual revenue) and a massive loss of public trust.
Mitigation Strategies
In response to this systemic threat, all Indonesian public and private sector organizations must take immediate action:
- Immediate Incident Response and Verification: Conduct an urgent forensic analysis to verify the breach’s authenticity, scope, and root cause, isolating any compromised systems to prevent further data exfiltration.
- Data Encryption and Access Control Reinforcement: Implement stringent data encryption for all PII and financial data, both at rest and in transit, and enforce robust multi-factor authentication (MFA) and strict role-based access controls (RBAC) across all government systems.
- Proactive Vulnerability Management and Penetration Testing: Regularly conduct comprehensive vulnerability assessments and penetration tests on all public-facing applications and internal databases, coupled with continuous monitoring for unusual data access patterns or suspicious activities.
- Public Notification and Citizen Support: If confirmed, promptly inform all potentially affected citizens about the breach, advising them on steps to protect their identities and financial assets, such as monitoring credit reports, changing passwords, and being on high alert for fraud.
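The "continuous monitoring for unusual data access patterns" item above can be made concrete as a sliding-window check over database audit logs. This is an added example, not code from Brinztech or any affected agency; the log format, account names, window and threshold are assumptions, and the log lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=5)  # assumed sliding window
THRESHOLD = 50                 # assumed max distinct records per account per window

def find_bulk_readers(lines, window=WINDOW, threshold=THRESHOLD):
    """Map each account to the time it first READ more than `threshold`
    distinct records inside one sliding `window` (lines sorted by time)."""
    recent = defaultdict(deque)  # account -> (timestamp, record_id) in window
    alerts = {}
    for line in lines:
        ts_text, account, action, record_id = line.split()
        if action != "READ" or account in alerts:
            continue
        ts = datetime.fromisoformat(ts_text)
        q = recent[account]
        q.append((ts, record_id))
        while ts - q[0][0] > window:   # drop reads older than the window
            q.popleft()
        # Count distinct records so re-reading one file does not alert.
        if len({rec for _, rec in q}) > threshold:
            alerts[account] = ts
    return alerts

def constructed_log():
    """Constructed sample data: two normal users and one export-style burst."""
    base = datetime(2025, 1, 1, 9, 0, 0)
    rows = []
    for i in range(20):    # clerk_a opens a new record every 3 minutes
        rows.append((base + timedelta(minutes=3 * i), "clerk_a", f"rec-{i:05d}"))
    for i in range(100):   # clerk_c reloads the same record once a second
        rows.append((base + timedelta(seconds=i), "clerk_c", "rec-00042"))
    for i in range(200):   # svc_b walks 200 distinct records in 200 seconds
        rows.append((base + timedelta(hours=1, seconds=i), "svc_b", f"rec-{i:05d}"))
    rows.sort()
    return [f"{ts.isoformat()} {acct} READ {rec}" for ts, acct, rec in rows]

if __name__ == "__main__":
    for account, when in find_bulk_readers(constructed_log()).items():
        print(f"ALERT {account}: >{THRESHOLD} distinct records within {WINDOW} at {when}")
```

Counting distinct records rather than raw reads keeps a user who reloads one file from alerting, while an account that walks through many citizen records in minutes is flagged at the read that crosses the threshold.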
Questions or Feedback? For expert advice, use our ‘Ask an Analyst’ feature. Brinztech does not warrant the validity of external claims. For general inquiries or to report this post, please email us: contact@brinztech.com