Indonesia recently faced a massive security breach in its civil aviation sector, with a threat actor going by the name “Hacker Mail” claiming to have accessed critical data related to air traffic management in the country. The breach involved the exfiltration of over 3GB of databases containing sensitive information such as employee details, application passwords, website user data, ID card photos of employees, drone pilot certificates, and flight data related to aircraft and pilots.
The hacker, posting on the hacking forum Breachforums, revealed that the data breach took place on June 27, 2024. In the post, the threat actor highlighted the role and responsibilities of the Directorate General of Civil Aviation (DGCA) within the Indonesian Ministry of Transportation. The post included sample records showcasing user logs for certificates, pilot information, and communication between DGCA employees and pilots.
The leaked data exposed sensitive personal information, IP addresses used for login, and timestamps of login activities. Additionally, ID card photo data of all employees and usernames/passwords of employees who accessed DGCA applications were also reportedly compromised. Despite these claims, the DGCA website appears to be functioning normally, and official confirmation from authorities regarding the breach is pending.
This incident comes amid a series of cyberattacks targeting key Indonesian entities. In a separate incident, a ransomware attack on the national data center disrupted government services, affecting over 200 agencies. The attackers demanded an $8 million ransom for a decryption key, highlighting the urgent need for robust cybersecurity measures and data backups.
Moreover, reports emerged of hacker “MoonzHaxor” breaching Indonesian Military’s Strategic Intelligence Agency and offering to sell the data. The same hacker also allegedly compromised Indonesia’s Automatic Finger Identification System owned by the National Police, exposing fingerprint images and sensitive configurations.
As authorities investigate these cyber incidents, concerns regarding data security and the resilience of critical infrastructure remain paramount. The escalating cybersecurity threats underscore the importance of proactive defense strategies and collaboration between government agencies, private sector entities, and cybersecurity experts to safeguard national interests and citizen data. Stay tuned for updates as the situation develops.