Security researchers from threat intelligence firm Cyble discovered more than 230,000 Indonesian COVID-19 patients’ records on the dark web during their regular deep web and dark web monitoring activity. Cyble claimed that its researchers found a threat actor selling the database of COVID-19 patients on various dark net forums. The exposed data dump includes names, phone numbers, address, present address, citizenship, test results, diagnosis date, result date, and other sensitive information.
The researchers also analyzed the leaked data and confirmed its authenticity. “Cyble has acquired, validated and, indexed the leak on their data breach monitoring and notification platform, AmiBreached.com – people who’re concerned about their information exposure can register on the platform to ascertain the risks,” the company said in a post.
Risk Mitigation
Cyble also recommended certain mitigation measures to defend against data breaches, these include:
- Never share personal information, including financial information over the phone, email, or SMS
- Use strong passwords and enforce multi-factor authentication where possible
- Regularly monitor your financial transaction, if you notice any suspicious transaction, contact your bank immediately
- Turn-on automatic software update feature on your computer, mobile and other connected devices where possible and pragmatic
- Use a reputed anti-virus and internet security software package on your connected devices including PC, Laptop, and Mobile
Data Breaches on Indonesia
Recently, Indonesian e-commerce giant Tokopedia suffered a massive data breach after hackers leaked over 15 million user records. It was also discovered that threat actors kept the details of 91 million users up for sale on the darknet for $5,000. According to Under the Breach, the leaked records contained names, emails, password hashes, and other personal information. Tokopedia’s spokesperson, Nuraini Razak, also confirmed the breach and claimed that the company had ensured the security of its users’ information. While Tokopedia is investigating the incident, Razak clarified that users’ financial details like credit/debit card numbers and e-wallet information were not affected. She also advised the users to change their passwords to prevent further damage.
