It was reported that a trove of Indonesians' social security data (BPJS) was posted on a hacking forum. This caused unease, especially among officials.
This began when a user with the handle kotz posted on an hacker online forum, saying that he has "Indonesian data for sale." It was later revealed that the data is coming from Indonesia's BPJS. To prove this, the poster shared a glimpse of the data, such as names, citizenship identity numbers, residential addresses and phone numbers as samples.
The poster claimed to have access to data on the entire population of more than 270 million people.
The Ministry of Communication and Information Technology confirmed a leak of the social security data, and affirmed that the data were being sold.
The data that is leaked, included information on families and payment status "identical to BPJS Kesehatan's data", according to spokesman Dedy Permadi said in a statement.
"The communications ministry has summoned the directors of BPJS Kesehatan as the manager of the personal data allegedly leaked," he added.

The authorities have taken steps to prevent further distribution of the stolen data, he said.
While confirming the leak, the Ministry insisted that the breach is smaller in scale than what was claimed by the hacker.
The Ministry said that the data only involved 100,002 people.
As for BPJS Kesehatan, the Indonesian health and social security agency said that it is working to find the root of the breach. The agency said that it has a "strict and layered data security system" to ensure confidentiality of data.
But according to cyber security expert Alfons Tanujaya, he believes that the hacking was unlikely to be sophisticated, in which he assumed that the hackers used "basic" methods like SQL injection, which involves the use of a malicious code.
"Judging from the quantity of the leaked data, the data protection is likely still too weak," Alfons explained.
He warned that although the leaked data did not include medical records, the contact details and other personal data could potentially be misused. "The (latest) case is the tip of the iceberg from (Indonesia's) messy data management," he added.
This was clarified by a statement by Satriyo Wibowo, a cyber security expert and secretary of Indonesia Cyber Security Forum, who said that the leak can indeed be worrying.
"It's personal data that could have implications sensitive to the owner's security and comfort," he said, adding that the data could be used for fake online loan applications.
"With this breach that largely went undetected, the seriousness of data protection is now questioned."

The leak comes as Indonesia, the world's fourth most populous country, is pushing hard to distribute more 'COVID-19' coronavirus vaccines to more age groups.
The pandemic has crippled many parts of the economy. And as the country is recovering, after seeing 49,000 dead and 1.76 million infected, this vaccination program depends largely on online registrations.
Members of Commission I of the Indonesia's House of Representatives regretted that the case of leaking personal data of Indonesian citizens has again repeated.
"There have been very frequent leaks of personal data on the internet. Whether it is personal data in the private realm such as data in Tokopedia, Bukalapak, Lazada, as well as data in public agencies such as the leaking of COVID-19 patient data, election data in KPU, and the latest allegations of BPJS Health data," one member said.
According to him, the country's cyber resilience is very weak.
"This is an alarm for Indonesia," he said.
He said that mitigation measures must also be taken so that the data that has been leaked is stopped from further spreading. The government should also have plans if things like these happen again, whether after this there will be another "attack" that could shake the country's cyber resilience.
"And there needs to be steps forward so that something like this doesn't happen again. This is important to underline because there are likely to be more cases of data leaks than ever before," he said.
This incident is unfortunate for Indonesia, as the country is already a home of one of Asia's largest pool of tech-savvy people.













































































































































































































































































































































































