A massive database allegedly belonging to the Indonesian freight forwarding company, PT. Tiki Jalur Nugraha Ekakurir (JNE), has been put up for sale on a dark web forum. A threat actor claims to have obtained approximately 81.47 million records, totaling 245GB of uncompressed data. The actor stated they had attempted to contact JNE about the vulnerability but received no response, leading them to offer the database for sale. The data was reportedly exfiltrated on August 10, 2025.
JNE is one of the largest and most critical logistics and courier companies in Indonesia, boasting a network that covers over 83,000 destinations and employs more than 50,000 people. A breach of this magnitude could have severe consequences for millions of customers, exposing sensitive personal and shipping information. The threat actor has put the entire database up for sale for $2,000 and has provided a 100k-record sample to substantiate their claims.
The compromised information is said to encompass logistics data from May 2025 to August 8, 2025. The detailed records allegedly contain a wealth of personally identifiable information (PII) and shipping details. The exposed data reportedly includes:
- Recipient’s name
- Recipient’s address
- Recipient’s mobile phone number
- Waybill number
- Description of goods
- Courier details
- Geolocation data of deliveries
