A threat actor has emerged claiming to sell data pertaining to PT Angkasa Pura I, also known as Angkasa Pura Airports, a company dedicated to delivering world-class services with a focus on security, safety, and customer comfort. The actor boasts a dataset comprising 68,237,264 records containing personal information such as names, emails, NIK (Indonesian ID numbers), phone numbers, addresses, dates of birth, and more, all available for purchase at $5000.
In a separate incident, another threat actor has surfaced offering Indonesian financial data for sale. The dataset reportedly consists of 600,000 lines and includes details like names, phone numbers, addresses, emails, NIK, and additional information. The data spans from 2021 to 2023 and was dumped in 2024, with the actor setting the price at $600.
With the data provided by the threat actors, malicious individuals could engage in various nefarious activities, including:
Identity Theft: Personal information such as names, addresses, phone numbers, and NIK (Indonesian ID numbers) can be used to impersonate individuals, open fraudulent accounts, or conduct unauthorized transactions.
Phishing Attacks: Email addresses and phone numbers can be utilized to launch phishing campaigns, where fake messages are sent to victims in an attempt to trick them into revealing sensitive information or downloading malicious software.
Financial Fraud: With access to financial data, threat actors could attempt to commit fraud by accessing bank accounts, applying for loans or credit cards, or conducting unauthorized financial transactions.
Social Engineering: Armed with detailed personal information, attackers could manipulate individuals into divulging additional sensitive data or granting access to secure systems through social engineering tactics.
Spamming and Scams: Contact details obtained from the datasets may be used for spamming purposes or to perpetrate various online scams, targeting unsuspecting individuals with fraudulent offers or requests.
Overall, the compromised data poses a significant risk to individuals’ privacy, financial security, and overall online safety. It underscores the importance of robust cybersecurity measures and vigilance in safeguarding personal information from unauthorized access and exploitation.