A threat actor has claimed responsibility for an alleged data breach involving the official Indonesian firefighting services platform. The claims, which surfaced on a dark web forum, suggest that sensitive personal information of nearly 10,000 firefighting volunteers has been compromised. It is important to note that these are currently unverified allegations, and authorities have yet to confirm the authenticity of the breach.
According to the threat actor’s post, the leaked data includes extensive personal details such as volunteer IDs, registration codes, national identification numbers (NIK), full names, birthplaces, birth dates, genders, blood types, marital statuses, religions, phone numbers, and home addresses. Additional fields reportedly include educational background, employment details, and health information. The threat actor claims that the data is contained in a 16.6 MB Excel (.xlsx) file, comprising 9,698 lines of entries.
The alleged dataset also purportedly includes official documents such as verification IDs, service letters (SK), and membership cards (KTA), along with timestamps of their issuance. This level of detail, if confirmed, could pose significant privacy and security risks for affected individuals.
