Indonesia Launches Investigation for Possible Breach on Its COVID-19 Tracing App

  • Researchers found an exposed instance containing the data of the Indonesian COVID-19 tracing app.
  • The number of exposed individuals reached 1.3 million, but the access by hackers hasn’t been confirmed.
  • The data set included very sensitive details on users, staff, and even hospitals and clinics in the country.

The state of Indonesia has launched an urgent investigation to figure out whether or not the database of the official COVID-19 tracing app has been compromised by malicious actors. The app is called ‘Indonesia Health Alert Card’ (eHAC) and it is mandatory for travelers in the country, so a data breach in it would potentially affect a large number of people who were basically obliged to use it by the Ministry of Health in the country.

This action comes after researchers N. Rotem and R. Locar of the vpnMentor team discovered the exposed database and reported the issue to Indonesia’s authorities. The discovery took place on July 15, 2021, but after multiple contact attempts, the researchers were unable to receive an assuring response from anyone responsible. Eventually, and after reaching out to various governmental agencies hoping someone would respond, the database was taken down on August 24, 2021.

This left plenty of time for actors to discover the exposed and unprotected Elasticsearch instance and exfiltrate the data, but whether or not someone has actually done that remains to be seen. The types of data included in the 2GB set are the following:

  • Passenger ID and type (including domestic and international travelers)
  • Hospital ID
  • Queue number while doing this test
  • Reference number
  • Address and time for a home visit
  • Test type (PCR, rapid antigen, etc.), date, and place
  • Test result and date issued
  • eHAC document ID
  • Passenger name and URN ID number
  • URN hospital ID number
  • Passenger details (ID number, full name, mobile phone number, DOB, citizenship job, gender, etc.)
  • Passenger’s national Indonesian ID number (where applicable)
  • Passport and profile photo attached to eHAC account
  • PII data for passenger’s parent(s) or next of kin
  • Passenger’s hotel details (name, address, phone number)
  • Additional passenger photo ID (possibly a placeholder for future use)
  • Details about a person’s eHAC account and when it was created
Source: vpnMentor

There were approximately 1.3 million eHAC user records in the database, so the number of people who are now running the risk of getting scammed, phished, or social engineered is pretty significant. Additionally, the database stored the following details about 226 hospitals and clinics in the country:

  • Hospital details (ID, name, country, license number, address and exact location (with coordinates), phone and WhatsApp number, opening hours)
  • Name of the responsible person for the passenger
  • Name of the passenger’s doctor
  • Hospital capacity
  • Allowed test types in the hospital
  • Information about how many tests were done each day
  • Which type of passengers are allowed in this hospital

The health ministry representative who announced the investigation, Anas Ma’ruf, told users to delete the old app and install the new version that is supposed to be more secure. As the spokesperson further speculated, its data leak may come from a partner, but no further details were provided around that.

REVIEW OVERVIEW

Latest

Why Is Demon Slayer So Popular?

In August 2019, the world suddenly started talking about an anime series that had just released its nineteenth episode. Fast forward to...

F1 Live Stream 2022: How to Watch Formula 1 Without Cable

There's not much time until the 2022 Formula 1 World Championship gets underway - the first race is scheduled for late March,...

Disney+ Announces Basketball Series Inspired By Award-Winning Book The Crossover

Disney Plus announced a new basketball-themed drama series that is set to land on the streaming platform, drawing inspiration from the critically...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari