34 Million Passport Records Stolen


A hacker under the alias Bjorka has claimed to successfully infiltrate the Indonesian official portal and accessed the passport details of more than 34 million users.

The compromised information, as stated by the hacker, includes names, passport numbers, and dates of birth of individuals registered on the Indonesian portal, Imigrasi. Details about the alleged Imigrasi cyber attack were posted on Bjorka’s Telegram channel.

Claims on Telegram about Imigrasi cyber attack

Telegram post by Bjorka (Photo: Falcon Feeds/ Twitter)

Imigrasi is the Indonesian government agency under the Ministry of Law and Human Rights. It provides immigration-related services among others. In its post, Bjorka claimed to steal 34 million Indonesian passports from the Imigrasi portal.

Imigrasi cyber attack
Post by Bjorka (Photo: Falcon Feeds/ Twitter)

The hacker demanded a ransom of $10,000 as shown on the screenshot above. They have a total of 34,900,867 records according to the hacker’s Telegram page.

Imigrasi cyebr attack
Details about the Imigrasi data stolen by Bjorka (Photo: Falcon Feeds/ Twitter)

The Telegram page about the suspected Imigrasi ransomware attack stated that the hacker has 1GB of compressed data which roughly amounts to 4GB data when uncompressed.

The data included passport issue and expiry dates, and names of individuals. The hacker claimed that they breached Imigrasi in July, however, no date was mentioned on the Telegram post.

The website was accessible at the time of writing after the alleged Imigrasi cyber attack. The Cyber Express emailed the officials to confirm about the security incident. We are yet to receive a response.

Imigrasi cyber attack and Indonesia, a target of the hacker

Previously, Bjorka had stolen over 1.3 billion Indonesian sim card registration details and put them on sale on the dark web. “I just wanted to point out how easy it is for me to get into various doors due to a terrible data protection policy,” Bjorka tweeted on their now defunct Twitter account.

Bjorka has also been found to ridicule Indonesian political figures for increasing the price of fuel in the nation. The incident of the price hike created a stir among the people.

The hacker joined Breach Forums in August 2022 and immediately started leaking stolen data of Indonesian citizens on the underground forum. They leaked data allegedly from WattPad and Tokopedia. However, the websites were breached in 2020.

Imigrasi cyber attack
Breach Forum post by Bjorka (Photo: Dark Owl)

Besides these, the hacker claimed to have leaked data from Telkom Indonesia, IndiHome, the Ministry of Communications and Information Technology, and the General Elections Commission among others.

Bjorka also claimed to have committed cybercrimes for a friend.

The hacker said that they have a good Indonesian friend in Warsaw that told him about the state of Indonesia. They launched the cyber attacks on Indonesian websites for him, a report by The Diplomat read.,

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.





Source link