On May 12, 2021, a Threat Actor (TA) named “kotz” posted on a cybercrime forum, claiming to have data for over 200 million residents in Indonesia. The leaked data includes personally identifiable information (PII) of residents, but no passwords were leaked; it appears that the source might be from government surveys.

On further investigation, Cyble researchers found that the leaked data contains information about the user such as First Name, Last Name, Date of Birth, Mobile Number, Email ID, National Identity Numbers, and annual salaries for some of the individuals.
Our intelligence sources suggest that it affects over 200 million Indonesian citizens and foreigner who has worked in Indonesia for at least six months. The perpetrators allegedly gained access to the network of one of the legal bodies. This is unconfirmed at this stage.

Cyble has received a number of samples (unlisted on the original posts) and has been indexed on its data breach monitoring platform AmiBreached.com.
Recommendations:
Following some essential cybersecurity best practices create the first line of control against attackers. We recommend our readers to follow best practices as given below:
- Never share your personal information, including financial information, over the phone, email, or SMSs.
- Use strict to guess passwords as well as implement multi-factor authentication.
- Make it a habit to keep a watch on your financial transactions, and if you notice any suspicious activity, contact your bank immediately.
- Turn on the automatic software update feature on your computer, mobile, and other connected devices wherever possible and pragmatic.
- Use a reputed anti-virus and Internet security software package on your connected devices, including PC, laptop, and mobile.
- People concerned about their exposure on the Dark web can register at AmIBreached.com to ascertain their exposure.
- Never open untrusted links and email attachments without verifying their authenticity.
About Cyble
Cyble is a global threat intelligence SaaS provider that helps enterprises protect themselves from cybercrimes and exposure in the darkweb. Cyble’s prime focus is to provide organizations with real-time visibility into their digital risk footprint. Backed by Y Combinator as part of the 2021 winter cohort, Cyble has also been recognized by Forbes as one of the top 20 Best Cybersecurity Startups To Watch In 2020. Headquartered in Alpharetta, Georgia, and with offices in Australia, Singapore, and India, Cyble has a global presence. To learn more about Cyble, visit www.cyble.com.