Dark Web News Analysis
Dark web sources report a sensitive data breach involving BSU Kemnaker (Bantuan Subsidi Upah), the Indonesian Ministry of Manpower’s wage subsidy assistance program. A threat actor on a monitored hacker forum is distributing a database containing the personal information of 16,902 individuals.
The leak specifically impacts workers in the Jakarta region. The data is available in CSV format, making it easily accessible for automated processing. The compromised fields are highly critical, including NIK (National Identification Number), NIP (Employee Identification Number), Full Names, Locations, and most alarmingly, Bank Account Details.
Key Cybersecurity Insights
Breaches of government aid programs in Indonesia carry specific, high-impact risks due to the reliance on the NIK as a universal identifier:
- The “Pinjol” (Illegal Loan) Threat: The combination of NIK, Full Name, and Bank Account is the “Holy Trinity” for identity fraud in Indonesia. Criminals use this data to apply for illegal online loans (Pinjol Ilegal) in the victim’s name. The funds are disbursed to the attacker (or a mule account), leaving the victim with the debt and harassment from debt collectors.
- Wage Subsidy Phishing: Since the data belongs to BSU recipients, attackers can launch highly credible phishing campaigns via WhatsApp. Messages like “Your BSU Phase 2 disbursement is pending. Click here to verify your bank account” are extremely effective because the attacker already knows the victim is an eligible recipient.
- Direct Banking Fraud: With Bank Account Details exposed, attackers can attempt “Social Engineering” attacks against the victim’s bank. They might call the victim posing as bank staff, reading back the real account number to gain trust, and then asking for an OTP to “secure” the account.
- Civil Servant (ASN) Targeting: The inclusion of NIP (Nomor Induk Pegawai) suggests some victims may be civil servants or formal employees. This data can be used to impersonate government officials or conduct fraud within the employment sector.
Mitigation Strategies
To protect Indonesian workers and the integrity of the subsidy program, the following strategies are recommended:
- SLIK OJK Monitoring: Victims (especially in Jakarta) should regularly check their credit status via SLIK OJK (formerly BI Checking) to ensure no unauthorized loans have been taken out in their name.
- Scam Awareness: Beneficiaries must be reminded that Kemnaker never asks for OTPs or credit card details via WhatsApp or SMS. Official information is only available through the kemnaker.go.id portal.
- Bank Vigilance: If your bank account number was part of the leak, monitor your transaction history closely. Be skeptical of any caller claiming to be from your bank who asks for your PIN or OTP.
- Data Verification: Kemnaker needs to urgently investigate whether this leak originated from its internal database or from a third-party partner (e.g., a distributing bank or aggregator) so that the leak source can be closed.
Questions or Feedback?
For expert advice, use our ‘Ask an Analyst’ feature. Brinztech does not warrant the validity of external claims. For general inquiries or to report this post, please email us: contact@brinztech.com