The threat actor also vows to leak 200 million Indonesian citizenship data soon.Last month Hackread.com exclusively reported how the Indonesian e-commerce giant Tokopedia was hacked by dark web hackers and personal details of 92 million of its customers were being traded and sold on dark web marketplaces and several hacker forums. Now, a threat actor has leaked a trove of personal and electoral data claiming it belongs to 2.3 million Indonesian citizens. According to the sample data seen by Hackread.com, the data appears to date back to 2013 and seems to be stolen from the official website of The General Elections Commission or Komisi Pemilihan Umum (KPU) in Indonesian.
The 2.36 GB of data has been divided into several folders all containing the data in PDF files including full names, addresses, registration numbers, family card numbers, date of birth and place of birth, etc.
Screenshot of the listing (Source: Under The Breach)
1 of 3What’s worse for Indonesian citizens is that the threat actor is claiming to have access over 200 million Indonesian citizenship data which they plan to leak on the hacker forum where the electoral data is currently being traded.
See: Records with data on 129 million Russian car owners sold on dark web
Chinese companies have leaked over 590 million resumes via open databases Over 540 million Facebook records found on exposed AWS servers According to Microsoft, between January 1, 2019, and March 29, 2019, a hacker, or group of hackers, compromised the account of a Microsoft support agent, one of the company's customer support representatives that handles technical complaints.
While sharing the reason for leaking the citizenship data, the hacker stated that,
I decided to share with you about 2.3 million Indonesia citizenship and election data cause I think Indonesian data seems rare in this forum (referring to the hacker forum where the data has been leaked).
Commenting on the leak, one of the representatives from breach monitoring service Under The Breach who alerted Hackread.com of the breach said that,
“The actor who leaked the database isn’t necessarily the person who first obtained it, it would make sense for a niche database of that sort to be circling around smaller Indonesian based forums until it surfaces on a larger cybercrime forum.”
See: Adult streaming site CAM4 leaks 7 TB of data with 11 billion records It is worth noting that a couple of weeks ago, another hacker was found selling almost 13 million user accounts belonging to Bukalapak, one of the largest e-commerce companies in Indonesia. The database was from 2017 and apparently, Bukalapak acknowledged the hack on 12 April 2019.
Nevertheless, one after another data breach should come as a massive blow to Indonesians especially authorities responsible to protect such sensitive data.
Someone is selling almost 13 million user accounts belonging to #Bukalapak, one of the largest e-commerce companies in #Indonesia. The database is from 2017 and apparently, Bukalapak acknowledged the hack on 12 April 2019. To be on the safe side change your passwords. pic.twitter.com/AI5Ryjkomi
— HackRead.com (@HackRead)
Did you enjoy reading this article? Do like our page on and follow us on .