Dark Web News Analysis
Dark web news reports describe a high-severity data breach involving FUSE Indonesia (fuse.co.id), a prominent insurtech company in Southeast Asia. A threat actor has advertised the alleged customer database on a hacker forum.
Crucially, the threat actor is associated with “ShinyHunters,” a notorious cybercriminal group with a verified history of executing massive breaches against major tech unicorns (including Tokopedia and Wattpad). The involvement of this specific group lends significant credibility to the threat. The leaked data reportedly contains extensive Customer Information, likely including Personally Identifiable Information (PII) used for insurance underwriting.
Key Cybersecurity Insights
Breaches in the “Insurtech” sector are particularly damaging because they combine personal identity data with asset and financial information:
- The ShinyHunters Factor: The involvement of ShinyHunters suggests this is a legitimate breach rather than a bluff. This group is known for exfiltrating massive SQL databases and selling them for high prices or leaking them to build reputation. Their targets are usually high-volume consumer platforms.
- Insurance Fraud Risk: Insurance data often includes Vehicle Details, Health Information, Physical Addresses, and ID Numbers (NIK). Attackers can use this to file fraudulent claims with other insurers or to target victims with “Policy Renewal” scams.
- Asset-Based Phishing: If the database reveals what assets a user insures (e.g., a specific car model or property), attackers can craft highly specific phishing emails. For example: “Your insurance for the [Toyota Fortuner] is expiring. Click here to renew,” making the scam nearly indistinguishable from a real alert.
- Regulatory Impact (UU PDP): As an Indonesian company handling massive amounts of PII, FUSE faces strict liability under the Personal Data Protection Law (UU PDP). A confirmed leak of this magnitude could result in severe administrative fines and mandatory public disclosure requirements.
Mitigation Strategies
To protect policyholders and corporate reputation, the following strategies are recommended:
- Forensic Verification: FUSE must immediately launch a forensic investigation to verify the ShinyHunters claim. Given the group’s reputation, assume the data is valid until proven otherwise.
- Customer Notification: Prepare a transparency statement. If PII is confirmed lost, notify customers immediately to prevent them from falling victim to secondary phishing attacks using the stolen data.
- Credential Monitoring: Employees and partners (agents) using the FUSE Pro app should reset their passwords immediately, as ShinyHunters often target employee credentials to gain initial access.
- Dark Web Surveillance: Continuously monitor the forum thread. ShinyHunters often release data in “batches” or hold auctions; tracking the sale status provides insight into who might acquire the data next.
Questions or Feedback?
For expert advice, use our ‘Ask an Analyst’ feature. Brinztech does not warrant the validity of external claims. For general inquiries or to report this post, please email us: contact@brinztech.com