In the shadowy corners of the underground web, a new claim has surfaced that could ripple through Indonesia's vast transportation ecosystem.
On May 10, 2026, threat intelligence accounts like @DailyDarkWeb highlighted a listing by an actor known as Kyyzo, advertising what purports to be a massive 93GB+ database stolen from Indonesia's Ministry of Transportation, or Kementerian Perhubungan Republik Indonesia. The ad boasts coverage across 38 provinces and 514 cities or regencies, including hundreds of thousands of vehicle and owner records, with a focus on Jakarta-area data.
The seller prices the trove at $8,500 while dangling a "pay or sell" ultimatum, suggesting openness to negotiation for deletion or further distribution.
An underground actor is advertising what is claimed to be a “93GB+” database allegedly associated with Indonesia’s Ministry of Transportation (Kementerian Perhubungan Republik Indonesia).
The underground listing claims:
• Data spanning 38 provinces and 514 cities/regencies… pic.twitter.com/MldSlwdWcl— Dark Web Intelligence (@DailyDarkWeb) May 10, 2026
Screenshots shared in the listing show the ministry's official branding alongside code snippets and database structures, but as with many such claims, independent verification remains elusive.
No samples have been widely tested for authenticity, and the full extent of any compromise stays unclear. Threat researchers emphasize that screenshots alone prove little, as actors often inflate or repackage older data to command attention and payment.
But if it's true, the effect can be devastating.
This is because of the data it allegedly contain:
- Data spanning 38 provinces and 514 cities/regencies.
- Hundreds of thousands of vehicle and owner records.
- Jakarta-region transportation-related records.
- Large-scale database access allegedly containing transportation system data.
To make the leak credible, the post also includes:
- Sample screenshots.
- Alleged database field structures.
- Extortion-style messaging ("Pay or Sell").
- Negotiation references tied to deletion of the alleged dataset.
If genuine, the potential fallout extends far beyond embarrassment.
Vehicle owners could face identity theft, targeted scams, or vehicle-related fraud, while aggregated data might reveal patterns in transportation networks useful for more sophisticated attacks. Public trust in digital government services erodes with every headline, especially in a nation pushing smart city and interconnected transport initiatives.
Threat actors increasingly eye these sectors precisely because of the rich citizen datasets and operational dependencies they hold.
This incident fits a troubling pattern for Indonesian government entities, which have faced repeated cyber intrusions in recent years.
And in many in those cases, officials sometimes denied the data originated from their core systems, pointing instead to outdated or mismatched records while promising forensic reviews and stronger safeguards like disaster recovery plans and partnerships with the National Cyber and Encryption Agency.
Yet the frequency of claims underscores ongoing vulnerabilities in centralized databases handling citizen identities, vehicle registrations, and critical infrastructure.