230,000 Indonesian COVID-19 Patient Information Up for Auction

As if COVID-19 victims didn’t have it bad enough, threat intelligence firm Cyble has discovered a breathtaking 230,000+ Indonesian patient records for sale on the dark web (RaidForums), including names, contact and diagnosis information and medical records. The entire database of information is reportedly being sold for only $300USD. The seller, identified by his moniker "Database Shopping" wrote, "Indonesia COVID-19 database, 230k [worth of data in the] MySQL [database]. Leak date: May 20, 2020. I sell it to the enthusiast", according to the Jakarta Post. The less than reclusive seller took an interview with Kompas Daily via email, claiming to have mountains of COVID-19 medical information from other Indonesian regions as well.

"Cyble has acquired, validated and, indexed the leak on their data breach monitoring and notification platform, AmiBreached.com – people who’re concerned about their information exposure can register on the platform to ascertain the risks". reads the post published by Cyble.

The Indonesian Ministry of Communication and Informatics (Kominfo) in conjunction with National Cyber and Crypto Agency (BSSN) has been tasked with tracking down the vulnerability that allowed attackers to access and steal over 230K Indonesian COVID-19 patients data.

Indonesia is no stranger to costly data breaches, with the famous hacking of the General Elections Commissions website in 2013 in which millions of Indonesian’s information was exposed in what was thought to be a voter list. Surprisingly, Indonesia has yet to pass a personal data protection bill. In May of 2020, a hacker was discovered selling the details associated with 15 million users registered on Tokopedia, Indonesia’s largest online store. Among the information stolen were passwords, personal contact information, email activation codes, hobbies, education and a myriad of other information related directly to the 91 million Tokopedia customers.

Why Sangfor Technologies?
It’s very important to have the right security strategies and technologies in place to prevent intrusion from malware and other APTs. Sangfor has long been a leader in developing technologies and processes for combating zero-day malware, new and unknown APTs, and other cyber-attacks.  Sangfor’s Next Generation Firewall, Endpoint Secure and AI-powered anti-malware engine, are key elements in the fight against ransomware, powers combined to create a powerful security solution that lets you easily manage & protect your enterprise assets & endpoints.

Insider threats are also now a growing cyber threat for organizations. In order to combat data leakage, Sangfor provides Sangfor IAM, which can identify outgoing information in the network and support outgoing behaviour control on forums, email, instant messengers, network drives and SSL encrypted emails, preventing leakage of core information and providing log tractability for network sensitive incidents. Its high-performance external data center stores massive logs giving customers limitless access to vital network information.

Sangfor knows what network security issues our Indonesian customers face and how to prepare them for a more secure future. Over the years Sangfor has worked with notable Indonesian agencies and organizations like PT. Asuransi Sosial Angkatan Bersenjata Republik Indonesia, PT. ASABRI, BMKG, the Ministry of Industry and the City Government of Communication and Information Technology Prabumulih. Get in touch with Sangfor Technologies today to boost protections and prepare for the future of IT.
 
Sangfor Technologies is an APAC-based, global leading vendor of IT infrastructure solutions specializing in Network Security and Cloud Computing. Visit us at www.sangfor.com to learn more about Sangfor’s Security solutions, and let Sangfor make your IT simpler, more secure and valuable.