A threat actor has allegedly put the source code and a 300 MB database belonging to a subsidiary of PT Pelabuhan Indonesia (Pelindo), Indonesia’s state-owned port operator, up for sale on a dark web forum. The targeted entity appears to be PT Tanjung Emas Daya Sejahtera (TEDS), a company majority-owned by a Pelindo subsidiary, which provides services related to port operations. The breach allegedly involves an application named “TEDS TALY,” version 1.624. Pelindo is a critical entity in Indonesia’s infrastructure, managing a vast network of ports and logistics services, making any breach a significant concern for national trade and security.
The cybercriminal posted a list of the data types allegedly contained within the stolen database, which includes a vast amount of highly sensitive Personally Identifiable Information (PII). The exposure of such detailed personal and financial data could lead to severe consequences for the individuals affected, including identity theft, targeted phishing attacks, and financial fraud. The threat actor is offering the data for sale via a Telegram channel.
The alleged leak includes the following data fields:
- Full Name
- Employee Identification Number (NIP)
- Family Card Number (NIK KK) and National ID Card Number (NIK KTP)
- Gender, Marital Status, and Date of Birth
- Full Address details (City, District, Village)
- Taxpayer Identification Number (NPWP)
- Education and Major/Field of Study
- Phone Number and Email Address
- Parent’s/Mother’s Name
- Religion
- BRI Bank Account Number
- Scanned files of Diplomas, National ID Cards, Family Cards, and Health Certificates
