Data Breaches 2021: Difference between revisions

(12 intermediate revisions by the same user not shown)

Line 19:

#'''Colonial Pipeline''': If there was ever an example of how a cyberattack can impact the physical world, the cyberattack experienced by Colonial Pipeline is it. The fuel pipeline operator was struck by ransomware, courtesy of DarkSide, leading to fuel delivery disruption and panic buying across the United States. The company paid a ransom, but the damage was already done.

#'''Omiai''': The Japanese dating app said unauthorized entry may have led to the exposure of data belonging to 1.7 million users.

#'''Komisi Pemilihan Umum (KPU)''': Pada 22 Mei 2020 lalu, peretas mengklaim telah membobol 2,3 juta data warga Indonesia dari Komisi Pemilihan Umum (KPU). Informasi itu datang dari akun @underthebreach, yang sebelumnya mengabarkan kebocoran data e-commerce Tokopedia. Akun itu juga menyebutkan bahwa peretas membocorkan informasi 2.300.000 warga Indonesia. Data termasuk nama, alamat, nomor ID dan tanggal lahir. Data tersebut diperkirakan merupakan data tahun 2013.

#'''BPJS Kesehatan''': Pada Mei 2021 BPJS mengalami pembobolan data, diduga sebanyak 279 juta data penduduk Indonesia yang berasal dari BPJS kesehatan bocor dan dijual di forum hacker.Dewan Pengawas (Dewas) BPJS Kesehatan mencermati risiko keamanan nasional pada isu kebocoran data yang diduga milik BPJS Kesehatan.

==June==

Line 27:

Line 29:

#'''UC San Diego Health''': UC San Diego Health said employee email accounts were compromised by threat actors, leading to a wider incident in which patient, student, and employee data potentially including medical records, claims information, prescriptions, treatments, Social Security numbers, and more were exposed.

#'''Guntrader.uk''': The UK trading website for shotguns, rifles, and shooting equipment said that records belonging to roughly 100,000 gun owners, including their names and addresses, had been published online. As gun ownership and supply are strictly controlled in the UK, this leak has caused serious privacy and personal safety concerns.

#'''Kaseya''': A vulnerability in a platform developed by IT services provider Kaseya was exploited in order to hit an estimated 800 - 1500 customers, including MSPs.

#'''eHAC''': Dugaan kebocoran data dari aplikasi Indonesia Health Alert Card atau eHAC yang digagas kemenkes pertama kali diungkapkan oleh tim peneliti dari vpnMentor, sejak 15 Juli lalu.

#'''BRI Life''': Sempat ramai beredar di media sosial ihwal dugaan penjualan data dua juta nasabah BRI Life dengan harga $7.000 atau sekitar Rp 101,6 juta. Unggahan tersebut dibeberkan akun Twitter @HRock. Terdapat 463.000 dokumen yang diperjualbelikan. Dokumen yang tertera dalam tangkapan layar berupa foto KTP elektronik, nomor rekening, nomor wajib pajak, akte kelahiran, dan rekam medis nasabah BRI Life.

==August==

Line 42:

Line 46:

#'''Coinbase''': Coinbase sent out a letter to roughly 6,000 users after detecting a "third-party campaign to gain unauthorized access to the accounts of Coinbase customers and move customer funds off the Coinbase platform." Cryptocurrency was taken without permission from some user accounts.

#'''Neiman Marcus''': In October, Neiman Marcus made a data breach that occurred in May 2020 public. The intrusion was only detected in September 2021 and included the exposure and potential theft of over 3.1 million payment cards belonging to customers, although most are believed to be invalid or expired.

#'''Argentina''': A hacker claimed to have compromised the Argentinian government's National Registry of Persons, thereby stealing the data of 45 million residents. The government has denied the report.

#'''KPAI''': Pakar keamanan siber dari Vaksincom, Alfons Tanujaya mengaku sudah mengetes kasus dugaan kebocoran data Komisi Perlindungan Anak Indonesia (KPAI) yang tersebar di RaidForums. Ia menyimpulkan bahwa data yang dibocorkan adalah data valid. Sebelumnya dilaporkan database milik KPAI diduga bocor di internet. Data ini muncul di RaidForums dengan judul Leaked Database KPAI (kpai.go.id) yang diunggah 13 Oktober 2021.

==November==

Line 56:

Line 61:

==Source==

*[https://www.zdnet.com/article/the-biggest-data-breaches-of-2021/ zdnet.com]

*[https://www.cnnindonesia.com/teknologi/20210901150749-185-688400/deretan-kasus-bocor-data-penduduk-ri-dari-server-pemerintah cnnindonesia.com]

*[https://www.suara.com/tekno/2021/10/21/212004/data-data-yang-bocor-dari-kpai-diduga-valid suara.com]

*[https://nasional.tempo.co/read/1501790/6-kasus-kebocoran-data-pribadi-di-indonesia tempo.co]

[[Category:Security]]

@@ Line 19: / Line 19: @@
 #'''Colonial Pipeline''': If there was ever an example of how a cyberattack can impact the physical world, the cyberattack experienced by Colonial Pipeline is it. The fuel pipeline operator was struck by ransomware, courtesy of DarkSide, leading to fuel delivery disruption and panic buying across the United States. The company paid a ransom, but the damage was already done.
 #'''Omiai''': The Japanese dating app said unauthorized entry may have led to the exposure of data belonging to 1.7 million users.
+#'''Komisi Pemilihan Umum (KPU)''': Pada 22 Mei 2020 lalu, peretas mengklaim telah membobol 2,3 juta data warga Indonesia dari Komisi Pemilihan Umum (KPU). Informasi itu datang dari akun @underthebreach, yang sebelumnya mengabarkan kebocoran data e-commerce Tokopedia. Akun itu juga menyebutkan bahwa peretas membocorkan informasi 2.300.000 warga Indonesia. Data termasuk nama, alamat, nomor ID dan tanggal lahir. Data tersebut diperkirakan merupakan data tahun 2013.
+#'''BPJS Kesehatan''': Pada Mei 2021 BPJS mengalami pembobolan data, diduga sebanyak 279 juta data penduduk Indonesia yang berasal dari BPJS kesehatan bocor dan dijual di forum hacker.Dewan Pengawas (Dewas) BPJS Kesehatan mencermati risiko keamanan nasional pada isu kebocoran data yang diduga milik BPJS Kesehatan.
 ==June==
@@ Line 27: / Line 29: @@
 #'''UC San Diego Health''': UC San Diego Health said employee email accounts were compromised by threat actors, leading to a wider incident in which patient, student, and employee data potentially including medical records, claims information, prescriptions, treatments, Social Security numbers, and more were exposed.
 #'''Guntrader.uk''': The UK trading website for shotguns, rifles, and shooting equipment said that records belonging to roughly 100,000 gun owners, including their names and addresses, had been published online. As gun ownership and supply are strictly controlled in the UK, this leak has caused serious privacy and personal safety concerns.
 #'''Kaseya''': A vulnerability in a platform developed by IT services provider Kaseya was exploited in order to hit an estimated 800 - 1500 customers, including MSPs.
+#'''eHAC''': Dugaan kebocoran data dari aplikasi Indonesia Health Alert Card atau eHAC yang digagas kemenkes pertama kali diungkapkan oleh tim peneliti dari vpnMentor, sejak 15 Juli lalu.
+#'''BRI Life''': Sempat ramai beredar di media sosial ihwal dugaan penjualan data dua juta nasabah BRI Life dengan harga $7.000 atau sekitar Rp 101,6 juta. Unggahan tersebut dibeberkan akun Twitter @HRock. Terdapat 463.000 dokumen yang diperjualbelikan. Dokumen yang tertera dalam tangkapan layar berupa foto KTP elektronik, nomor rekening, nomor wajib pajak, akte kelahiran, dan rekam medis nasabah BRI Life.
 ==August==
@@ Line 42: / Line 46: @@
 #'''Coinbase''': Coinbase sent out a letter to roughly 6,000 users after detecting a "third-party campaign to gain unauthorized access to the accounts of Coinbase customers and move customer funds off the Coinbase platform." Cryptocurrency was taken without permission from some user accounts.
 #'''Neiman Marcus''': In October, Neiman Marcus made a data breach that occurred in May 2020 public. The intrusion was only detected in September 2021 and included the exposure and potential theft of over 3.1 million payment cards belonging to customers, although most are believed to be invalid or expired.
 #'''Argentina''': A hacker claimed to have compromised the Argentinian government's National Registry of Persons, thereby stealing the data of 45 million residents. The government has denied the report.
+#'''KPAI''': Pakar keamanan siber dari Vaksincom, Alfons Tanujaya mengaku sudah mengetes kasus dugaan kebocoran data Komisi Perlindungan Anak Indonesia (KPAI) yang tersebar di RaidForums. Ia menyimpulkan bahwa data yang dibocorkan adalah data valid. Sebelumnya dilaporkan database milik KPAI diduga bocor di internet. Data ini muncul di RaidForums dengan judul Leaked Database KPAI (kpai.go.id) yang diunggah 13 Oktober 2021.
 ==November==
@@ Line 56: / Line 61: @@
 ==Source==
 *[https://www.zdnet.com/article/the-biggest-data-breaches-of-2021/ zdnet.com]
+*[https://www.cnnindonesia.com/teknologi/20210901150749-185-688400/deretan-kasus-bocor-data-penduduk-ri-dari-server-pemerintah cnnindonesia.com]
+*[https://www.suara.com/tekno/2021/10/21/212004/data-data-yang-bocor-dari-kpai-diduga-valid suara.com]
+*[https://nasional.tempo.co/read/1501790/6-kasus-kebocoran-data-pribadi-di-indonesia tempo.co]
 [[Category:Security]]