Browsing Data, Personal Information of More Than 26 Million IndiHome Users Leaked on the Dark Web

JAKARTADAILY.ID – The Indonesian Ministry of Communication and Information reported that there was a leak of personal data of Indihome customers, the internet provider subsidiary of state-owned PT Telkom Indonesia.

"With regard to the alleged leak of personal data of Indihome customers, PT Telkom Indonesia (Persero), the Ministry of Communication and Information is currently investigating the alleged incident," said Director General of Information and Communications Applications, Semuel A. Pangerapan in a written statement, Sunday, August 21, 2022.

Samuel said that the Ministry of Communications will be summoning Telkom's management to obtain a report and Telkom's follow-up regarding the alleged incident.

Also read: Indonesian Gamers Notably Upset by Steam Getting Blocked, Proceeds to Roast Minister of Communications

After receiving information from Telkom, the Ministry will issue technical recommendations and coordinate with the National Cyber ​​and Crypto Agency (BSSN).

"The Ministry of Communication and Information will soon issue technical recommendations to improve the implementation of protecting Telkom's personal data, and at the same time coordinate with the National Cyber ​​and Crypto Agency (BSSN)," said Samuel.

According to reports, more than 26 million records from IndiHome containing, personal data, search histories, and much more were found on dark web forums, uploaded by a person under the username "Bjorka."

Also read: Indonesian Ministry of Communication Reopens Access to Origin Gaming Platform

This massive data leak did not escape the attention of cyber-security expert and ethical hacker Teguh Aprianto, who took to Twitter to criticize the state-owned company for its weak cyber security. 

"In 2020 we managed to pressure @IndiHome to deactivate the tracker that they have been using all this time to steal their customers' browsing data," said Teguh on his Twitter account @secgron on Sunday, August 21, 2022.

"Now that 26 million browsing history is leaked and distributed for free. Complete with names and NIK (ID number)," said Teguh. 

Also read: Indonesian Ministry of Communication Officially Reopens Access to PayPal, Steam, CS GG, Dota, and Yahoo!

"This BUMN (state-owned company) is truly evil. For instance, in this first line, this guy is browsing porn and his browsing history is stolen, complete with his name, sex, and NIK from the user data," commented Teguh on a screenshot of an individual's browsing history. 

"Imagine how this can be used to embarrass someone," he added.