Indonesia is investigating alleged personal data breaches at state-owned telecommunications firm PT Telkom Indonesia’s internet service Indihome and state utility PT Perusahan Listrik Negara (PLN), its communications ministry said on Sunday.
Samuel Abrijani Pangerapan, a senior communications ministry official, said in a statement that the ministry had summoned representatives of Telkom and PLN and sent recommendations on data security to both firms.
A Telkom spokesperson told Reuters on Monday that there was no breach of IndiHome customer data.
A PLN spokesperson did not immediately respond to a request for comment, although it was quoted by local media as saying on Saturday that it was investigating an alleged breach.
Indonesia has had a slew of alleged data breaches in recent years, including its COVID-19 screening app, which led to President Joko Widodo’s vaccine records being widely shared on social media in September.
A data protection bill aimed at strengthening the country’s cyber security infrastructure was introduced in Parliament in 2020, but it is yet to be passed.
A year ago, Indonesia said it was investigating a suspected security flaw in a COVID-19 test-and-trace app that exposed the personal information and health status of 1.3 million people, according to the health ministry.
In August 2021, researchers at encryption provider vpnMentor said that personal information in the Indonesia Health Alert Card (eHAC) app, which is often required to be used by travelers, was accessible “due to a lack of protocols imposed by the app’s developers”. .
At the time, Anas Maruf, a health ministry official who was overseeing the data, said the government was looking into a possible breach, but said the potential flaw was in an older version of the app, which had not been used since July 2021. Is. The eHAC system is part of the Peduli Lindungi (Care Protect) app, which has been promoted by the government for various tracing purposes, including entry into malls.
© Thomson Reuters 2022