Dark Web News Analysis
A threat actor on a known cybercrime forum is claiming to sell a collection of databases that they allege were stolen from PeduliLindungi, Indonesia’s former national COVID-19 contact tracing and vaccine passport application. According to the seller’s post, the data for sale is comprehensive, purportedly including user accounts, location check-in details, contact tracing data, and vaccination records. The allegedly compromised information contains a trove of highly sensitive Personally Identifiable Information (PII), such as NIK (National Identification Number), phone numbers, full names, emails, and dates of birth.
This claim, if true, represents a national data breach of catastrophic proportions. The PeduliLindungi application was used by a vast majority of the Indonesian population, making this a potential compromise of the personal and health-related data of tens of millions of citizens. The alleged leak of NIKs combined with health status and historical location data provides a powerful and dangerous toolkit for criminals and other malicious actors to commit identity theft, fraud, and even conduct surveillance on a massive scale.
Key Cybersecurity Insights
This alleged data breach presents a critical threat to the entire Indonesian population:
- Catastrophic National Health and Privacy Breach: The primary risk is the exposure of a core national health database. The alleged leak of contact tracing and location check-in data is a profound violation of privacy, revealing the movement patterns and associations of millions of citizens.
- High Risk of Mass Identity Theft and Fraud: The alleged inclusion of the Indonesian National Identification Number (NIK) is a worst-case scenario for identity theft. Combined with other detailed PII, it provides a complete toolkit for criminals to impersonate citizens and commit widespread financial fraud.
- Potential for Surveillance and Social Control: A database containing the health status and location history of millions is an extremely powerful tool. In the hands of state-sponsored actors or other malicious groups, this data could be weaponized for surveillance, social profiling, or other activities that threaten personal and national security.
Mitigation Strategies
In response to a claim of this magnitude, the Indonesian government must take immediate and decisive action:
- Launch an Immediate National Emergency Investigation: The Indonesian government, led by the Ministry of Health and the national cybersecurity agency (BSSN), must treat this claim as a national security emergency. A top-priority, full-scale investigation is required to verify the claim’s authenticity and determine the source of this potentially catastrophic leak.
- Issue a Widespread Public Alert: A national public service announcement is crucial. The government must warn all citizens that their sensitive health and personal data may have been compromised, and provide clear guidance on how to protect themselves from identity theft and stay vigilant for highly targeted, health-related phishing scams.
- Conduct a Comprehensive Security Overhaul of all National Digital Health Systems: This incident, if confirmed, represents a colossal failure of public data protection. It must trigger a complete, mandatory security overhaul of the current national health app (SATUSEHAT) and all other government systems that handle citizen health data.
Questions or Feedback? For expert advice, use our ‘Ask an Analyst’ feature. Brinztech does not warrant the validity of external claims. For general inquiries or to report this post, please email us: contact@brinztech.com