A user on a dark web forum has allegedly posted a sensitive database belonging to the Indonesian National Police Hospital, also known as RS Polri Kramat Jati. The hospital, formally named Bhayangkara Hospital Level I R. Said Soekanto, is a major medical facility under the Indonesian National Police (Polri). It is considered a vital piece of national infrastructure, providing services to the general public and serving as the primary referral hospital for high-ranking government officials, including the president, ministers, and state guests.
The threat actor claims to have obtained a significant amount of highly confidential patient information from the hospital’s HIV/AIDS Information System. The alleged breach exposes the personal and medical records of thousands of patients, which could lead to severe privacy violations and personal distress. The origin of the data appears to be a direct compromise of the hospital’s systems, with the information now being offered on a notorious dark web forum known for trading in stolen data.
The data, allegedly stolen from the hospital, is categorized into two main files. The cybercriminal claims the leaked files contain:
- HIV Patient Personal Data (38,064 records)
- Patient Visit Data (2,133 records)
