Jakarta – A group of consumers filed a lawsuit against Communications and Information Minister Budi Arie Setiadi with the Jakarta State Administrative Court (PTUN) for his perceived failure to protect the temporary national data center (PDN) facility from a cyberattack in June.
The Indonesian Consumer Community (KKI) filed the lawsuit last Friday according to group head David Tobing. In the lawsuit, they argued that the minister failed to prevent and mitigate the impacts of the ransomware attack that hit the data center in Surabaya, East Java, on June 20, which led to the disruption of hundreds of government databases.
The community also sued the ministry for not backing up the data stored on the site, something that led to weeks of public service disruption, including to immigration services and student enrollment in state schools.
"The event greatly affected the public and various government institutions in processing documents through online public services," David said on Monday, as quoted by kompas.com, adding that the plaintiff holds the ministry responsible for the operation of the PDN.
The affected PDN site in Surabaya is operated by Telkomsigma, a subsidiary of state-owned communications firm PT Telkom Indonesia. The communications ministry was responsible for building the temporary sites as placeholders to centralize data from numerous government institutions, while the permanent facility is still under construction.
Following a slow recovery process, 16 of the hundreds of affected institutions had their databases recovered as of late July, after the ransomware attackers released a decryption key to help the government unlock the encrypted data.
Minister Budi had inspected various data center facilities across the country, including a Telkomsigma data center site in Yogyakarta, to check on the progress of data recovery as well as efforts to strengthen the security of the data centers, according to statements from the ministry.
Budi, who faced calls and petitions for him to resign from the ministerial post after the ransomware incident, targeted a full recovery of the affected data center by the second week of August, followed by a further audit.
He said during a meeting with the House of Representatives in late June that the ministry could only resume the work for the permanent national data center after completing the ransomware attack investigation. (rad)