Personal data of at least 279 million Indonesians were allegedly leaked and sold on a hacker platform this month, authorities said late Thursday.
The Ministry of Communication and Information said in a statement that it is investigating the suspected data leak and its sale on the hacker platform "Raid Forums."
Information related to the alleged leakage of population data first surfaced on social media, claiming to be from the Health Care and Social Security Agency (BPJS Kesehatan).
The ministry's spokesperson, Dedy Permadi, said it is a major data leak and the investigation will take time. To complete the investigation, the ministry will look into several stages of the suspected leak, he said.
There will be an in-depth investigation into the matter to find traces of the leak, he said, adding that the “findings of the investigation will be submitted later.”
Iqbal Anas Ma'ruf, the spokesman for BPJS Kesehatan, said the agency is also investigating to determine if the leaked data originated from its system.
"We have formed a special team to immediately find the source of the leak," Ma'ruf said in a statement.
The agency claimed to have a strict and layered data security system in place to ensure personal data confidentiality.
Meanwhile, the Ministry of Home Affairs said the allegedly leaked data did not originate from the Population and Civil Registration department.
There have been many incidents of personal data leaks in the country.
In 2020, personal information data from users of two leading e-commerce sites, Tokopedia and Bukalapak, was leaked.
In addition, at least 2.3 million voter records from the General Election Commission (KPU) have also been leaked and sold in online forums.