Kominfo Block Hacker Forum Spread Data of 279 Million Population
UMMATIMES - The Ministry of Communication and Informatics (Kominfo) blocked the Raid Forum, a hacker forum website that recently made a scene because one of its users with the username “kotz” sold data on 279 million Indonesians.
In his official statement, Kominfo spokesman Dedy Permadi said that his party was in the process of blocking the Raid Forum. He explained that the hacker forum had violated the law in Indonesia.
"Raid Forums are identified as a forum that spreads a lot of content that violates laws in Indonesia, so that the website, including an account called Kotz, is being blocked," said Dedy in a written statement received by KumparanTECH, Saturday (22/5).
"Links to download personal data, namely data links on bayfiles.com, mega.nz, and anonfiles.com to all have been blocked."
Dedy explained, the laws the hacker forum violated were the ITE Law, PP 71, and the Minister of Communication and Information regarding Personal Data Protection.
Based on TECH's monitoring since Saturday (22/5) afternoon, the Raid Forum website is already difficult to access. However, blocking this content still has a gap because internet users can still access the site via a Virtual Private Network (VPN).
"This is the optimal effort we can do so far," said Dedy responding to the access blocking loopholes that can still be opened via VPN.
Kominfo itself reports that it has identified a larger amount of data and expanded its investigation of about 1 million data that sellers claim as sample data.
"From the results of a randomized investigation of around 1 million data, it can be concluded that Kominfo and BSSN need to carry out a deeper investigation together with BPJS Kesehatan," explained Dedy.
The ministry also said they had summoned the BPJS Kesehatan Directors on Friday (21/5) as the manager of personal data that was suspected of being leaked for a more in-depth investigation process.
The results of the meeting with the Board of Directors of BPJS Kesehatan include:
BPJS will immediately confirm and retest the personal data that is suspected of being leaked.
Investigations carried out by the BPJS internal team will always be coordinated with the Ministry of Communication and Information and BSSN.
BPJS will take data security measures to mitigate the wider risk of personal data leakage.
Previously, a Raid Forum user named "kotz" sold the data of 279 million Indonesians on the hacker forum. He sold it for 6 thousand US dollars, where he also provided free data samples for about 1 million residents.
The data sold by Kotz includes KTP, salary, telephone number, address, and email. There are also 20 million personal photo data of Indonesian residents in it.
kotz claims that the data includes Indonesian residents who are currently living to those who have passed away.
Until now, BPJS Kesehatan has not announced that the leaked data came from them. Likewise with Kominfo which did not explicitly provide information on where the data leak came from.
However, the NOKA statement in the free data sample that was distributed by Kotz, referred to the BPJS Health Card Number. The allegation of data leakage was also strengthened through testimonials from checks conducted by cybersecurity experts.
"According to the tests conducted by vaccincom, the 1 million data sampled have something to do with the largest health insurance in Indonesia," said Alfons Tanujaya, cybersecurity expert from Vaksincom. "The data is valid. You can check on the official website, enter the name, come out the name. "