Passport of Indonesian Leaked: INDONESIA, July 6, 2022 – The Directorate General of Immigration under the Ministry of Law and Human Rights has responded to the news of a potential passport data breach involving 34 million (34,900,867) passport records.
According to bisnis.com, Director General of Immigration, Silmy Karim, stated that the leaked passport data is currently under investigation. “We are currently examining the situation, and it’s important to note that the immigration data center is currently using the National Data Center (PDN) managed by the Ministry of Communications and Information Technology (Kominfo),” he said when contacted by Bisnis.com teams on Wednesday (5/7/2023).
Cybersecurity analyst Teguh Aprianto revealed the information regarding the leaked passport data on his Twitter account on Wednesday (5/7/2023).
Buat yang udah pada punya paspor, selamat karena 34 juta data paspor baru aja dibocorkan & diperjualbelikan.
Data yg dipastikan bocor diantaranya no paspor, tgl berlaku paspor, nama lengkap, tgl lahir, jenis kelamin dll. Ini @kemkominfo sama @BSSN_RI selama ini ngapain aja ya? pic.twitter.com/p8ZlMi2fgo
— Teguh Aprianto (@secgron) July 5, 2023
An individual named Bjorka released the leaked data titled ‘34 Million Indonesian Passports,’ as seen in the shared screenshots. The information contained in the leaked passport data amounts to 4 GB in size, with a total of 34.9 million records.
The leaked data includes passport numbers, passport expiration dates, full names, dates of birth, and gender. Furthermore, it became apparent that the leaked data originated from Indonesia, and someone was selling it for $10,000 or approximately IDR 150 million.
“On the portal, the perpetrator also provided a sample of one million data entries. Upon examination of the provided sample, the data appears to be valid, with timestamps ranging from 2009 to 2020,” Teguh further explained on Twitter.
As of the publication of this breach information, there has been no response from the Ministry of Communications and Information Technology (Kominfo) regarding the passport data breach.
The Identity of the Data Leaker
The anonymous account believed to be responsible for the leak is Bjorka. This account gained popularity in 2022 after claiming to have hacked documents belonging to President of the Republic of Indonesia “Jokowi”, including personal data of officials, ministers, and the chairman of the People’s Consultative Assembly (DPR) “Puan Maharani”.
So far, information regarding the identity, location, and modus operandi of Bjorka remains unclear. The government had formed a special team to uncover Bjorka’s identity, but their efforts have been fruitless.
Minister of Political, Legal, and Security Affairs, Mahfud MD, referred to Bjorka’s motives as being a mix of political, economic, and trade-related interests. He stated, “These motives are not too harmful.”
In the case of the passport data breach, Bjorka shared a sample of one million user data entries on their blog, free of charge. This data includes passport numbers, NIKIM, issuance dates, expiration dates, dates of birth, gender, and updates.
Bjorka claims to possess a total of 34,900,867 passport user names, which they are selling for $10,000 or approximately IDR 150 million.
This isn’t the First Time Bjorka has Leaked Data
This incident of personal data breach, involving passport numbers, is not the first one. Previously, Bjorka claimed to have breached and sold other personal data, including:
– 35 million MyIndihome user data.
– 19 million BPJS Ketenagakerjaan (Employment Social Security Agency) data.
– 3.2 billion data from the PeduliLindungi application.
– 45 million MyPertamina user data.
– 105 data from the General Election Commission.
– 679,000 letters sent to President Jokowi.
– 1.3 billion SIM card data.
– Browsing history of 26 million Indihome users.
All sample data can be seen at this link https://secry.me/explore/all-leaked-database
How About the Data Validity?
The Indonesian government has stated that it has not yet reached a conclusive decision on whether a massive personal data breach has occurred as alleged.
However, a cybersecurity company has identified the leaked data as “valid” due to the presence of several sensitive details known only to the government authorities.
A cybersecurity expert from, who discovered their own personal information among the leaked data, supports this validation while expressing frustration.
According to bbc.com, BBC News team’s has reviewed the leaked data, which includes one million complete names along with passport numbers, national identity numbers (NIKIM), dates of issuance, gender, and dates of birth.
Data Validity and Investigation
The Ministry of Communications and Information Technology stated that they have been investigating the alleged passport data breach. “Our team is still working on it, and so far, we cannot conclude that there has been a massive personal data breach as alleged. This conclusion is based on careful examination of the circulating data,” said Semuel A. Pangerapan, Director General of Information Application.
The Ministry of Communications and Information Technology has been coordinating with the relevant authorities, including the National Cyber and Encryption Agency (BSSN) and the Directorate General of Immigration under the Ministry of Law and Human Rights.
“The Ministry of Communications and Information Technology will continue the investigation and will release the findings once more detailed information is obtained,” added Semuel A. Pangerapan.
Expert Validation and Calls for Transparent Investigation into the Data Breach
Meanwhile, the cybersecurity company Vaksincom believes the leaked data is “valid” based on the presence of two passport numbers and NIKIM that only the respective passport owners and government authorities are aware of.
Quoted from bbc.com, “If the government denies this, it’s like having a bloody face and claiming that it was not hit. It’s pointless,” said Alfons Tanujaya, a cybersecurity expert from Vaksincom, to BBC News Indonesia on Thursday (06/07).
Pratama Persadha, a cybersecurity researcher at the CISSReC institute, further validates the passport data, as his name was found in one of the rows of data shared by Bjorka.
Pratama expressed his frustration with the situation, stating, “This is not new, but it is still annoying.” BBC Indonesia also confirmed that Pratama’s name appeared in the leaked data.
The data administrators and the government have previously stated that they have taken steps to investigate these incidents. However, according to Pratama, there have been no publicly announced investigation results. He emphasized the importance of informing the public about the source of the leaks and ensuring that similar data breaches do not occur in the future.
“Often, hackers leave hidden access points that they can use to re-enter the systems they have breached,” he said.
Data Storage and Source of Breach
Director General of Immigration, Silmy Karim, informed national media outlets that the National Data Center (PDN), managed by the Ministry of Communications and Information Technology (Kominfo), stores the immigration server.
The Directorate General of Application Informatics has initiated the construction of PDN, a centralized data storage facility, in four locations: Cikarang, Batam, IKN, and Labuan Bajo.
As a reference, the projected capacity of PDN in Cikarang includes 25,000 processor cores, 40 Petabytes of storage, and 200 Terabytes of memory.
PDN will serve as the central government data center from the central level to regional levels.
“However, PDN has some shortcomings, such as the consolidation of data in a single location, which makes it easier for hackers to steal data,” said Pratama.
Identifying the Source of the Data Breach
Pratama emphasized the need for security system audits and digital forensic investigations to identify the source of the passport data breach.
“Some audit methods that can be employed include assessing vulnerabilities in the system, checking intrusion detection and prevention systems for any unauthorized access, and conducting audits of the devices used by employees who have access to the main system to ensure that those devices are not exploited by hackers to breach the system and steal data,” explained Pratama Persadha.
Meanwhile, Alfons Tanujaya, a cybersecurity expert from Vaksincom, believes that the passport data breach occurred through the central server.
“When you see such a massive data breach, it seems like someone has access to the database server and can copy the data,” said Alfons. Therefore, examining the access logs of the server is crucial to identify the perpetrator.
“If the Immigration Department claims to be unaware, it means that their system is chaotic. It is a matter at the national level, and having such a chaotic system is a disgrace. It is the people who suffer. Do you think the Immigration Department is the one suffering? No, they are the ones who should be embarrassed,” he added.
