As part of our regular deepweb and darkweb sweeps, we identified a credible actor in one of the darkweb markets claiming to have more than 890K+ records of Kreditplus customers.
Kreditplus is a licensed provider of venture capital, multi-finance loans, and other activities as approved by Otoritas Jasa Keuangan i.e. Financial Services Authority of Indonesia. Currently, Kreditplus focuses on the business of lending car or motorcycle as collateral, and financing for furniture or electrical goods. Kreditplus have also become one of the most well-known names in the financing industry with a network of distribution in 244 locations all over Indonesia, supported by over 12,000 employees
The leaked database includes the following fields:
- Email address
- Present/physical address
- telephone number
- Job data
- Company data
- Family data
Cyble has acquired the leaked data and it appears the data is legitimate. To inform the broader community about the threat, Cyble has indexed the data on their data breach monitoring and notification platform, AmiBreached.com – people who’re concerned about their information exposure can register on the platform to ascertain the risks.
We recommend people to:
- Never share personal information, including financial information over the phone, email or SMSs
- Use strong passwords and enforce multi-factor authentication where possible
- Regularly monitor your financial transaction, if you notice any suspicious transaction, contact your bank immediately.
- Turn-on automatic software update feature on your computer, mobile and other connected devices where possible and pragmatic
- Use a reputed anti-virus and internet security software package on your connected devices including PC, Laptop, Mobile
- People who are concerned about their exposure in darkweb can register at AmiBreached.com to ascertain their exposure.
Cyble is a US-based cyber threat intelligence company with the express mission to provide organizations with real-time views of their supply chain cyber threats and risks.