Herman, Jakarta – A document containing usernames and passwords for accessing virtual cloud data at the Temporary National Data Center (PDNS) 2, which was hacked on June 20, has surfaced online. The password used by the PDNS 2 administrator was alarmingly weak and easily guessable: "Admin#1234."

This weak password made the system highly vulnerable to breaches. The document with access details was shared on the document-sharing website Scribd.

Previously, Semuel Abrijani Pangerapan, who has since resigned as the Director General of Applications and Informatics at the Communication and Informatics Ministry, said that the ministry had the encryption key to access PDNS 2, which had been hacked by the Brain Cipher group.

"We tried it on our specimen, and it worked, but we don't know for sure yet because many things were locked," Semuel said on Thursday.

Semuel added that while the data is safe, it remains locked and thus unusable.

Chief Security Affairs Minister Hadi Tjahjanto reaffirmed the government's commitment to addressing the issue with the temporarily located PDNS 2 in Surabaya, which was attacked by ransomware. The government plans to strengthen data security systems at the National Data Center (PDN) in three locations: Cikarang, Batam, and the new capital, Nusantara. The PDN in Cikarang is expected to be completed and inaugurated on August 17.

"The government is working to enhance the capabilities of the PDN as a replacement for PDNS 2 in Surabaya to ensure dual backup capabilities with optimal security," Hadi Tjahjanto said on Friday.

Regarding the use of weak passwords, many individuals still use simple password combinations that are easily cracked by hackers. According to recent research by the NordPass team, nearly one-third (31 percent) of the most commonly used passwords worldwide consist solely of numeric sequences, such as "12345," "123456789," "000000," and similar combinations.

Source: https://jakartaglobe.id/tech/national-data-center-breach-traced-to-weak-password-admin123