APSN Banner

Massive data breach calls for urgent personal data protection law

Tempo - May 24, 2021

Andita Rahma, Jakarta – Following news about an alleged massive data breach of 279 million Indonesians' confidential BPJS (social security) data on Friday, Commission I House of Representative (DPR) legislator Sukamta highlighted the fact that confidential data breach has happened too often which exposes Indonesia's cyber security weaknesses.

"This is how weak our cybersecurity is even though the BPJS always maintains and guarantees the security of its confidential data. Add to the fact that hackers often find themselves updating and improving their skills on constantly updated technologies," said the legislator from the Prosperous Justice Party (PKS) in a written statement on Friday May 21.

Meanwhile, fellow Commission 1 legislator Dave Laksono added that House members intend to quickly pass the draft law on personal data protection as the latest data breach has posed a critical alarm bell for the country's weak cybersecurity.

"We at the Commission I want [the draft bill] to be passed immediately since there are other draft bills that need to be passed," said Laksono to Tempo on Sunday, May 23.

Meanwhile, Indonesia's Central Information Commission (KIP) Cecep Suryadi has also voiced his concern about the pressing issue and pushes for the Personal Data Protection draft to be quickly passed.

"It's safe to say we are facing a personal data protection emergency amidst the wave of new technology developments," he wrote in a statement on Saturday, May 22. "Which is why the personal data protection act must be quickly passed and made into law for the sake of people's security."

Data of more than 200 million BPJS participants that include people's personal information from their names, ID numbers, ID cards, phone numbers, email accounts, up to wages had allegedly been compromised.

On the same day the Communication and Informatics Ministry (Kominfo) announced they had blocked the website and the website's user who allegedly leaked the personal information. The Kominfo then summoned the Healthcare and Social Security Administrator (BPJS Kesehatan) and agreed to investigate it deeper alongside the National Cyber and Encryption Agency (BSSN).

Source: https://en.tempo.co/read/1465186/massive-data-breach-calls-for-urgent-personal-data-protection-la