Aisyah Llewellyn reports:
The first that Indonesia heard about the hacker now known as Bjorka came when news broke at the beginning of September of a massive data leak.
Some 1.3 billion SIM card registration details were stolen and listed for sale on a dark web online marketplace. The data was harvested in part as a result of a change in policy in 2017, requiring that anyone using an Indonesian SIM card first register it in their name using their identity card, known as a KTP, and their family card, known as a KK.
If the leaks had ended there, or if Bjorka – who appears to have taken their name from the Icelandic singer Bjork – had listed more online data seemingly purely for financial gain, perhaps the story would not have gained much traction. But in the weeks after the data leak, Bjorka has attracted something of a cult following online thanks to an intriguing personal backstory and a series of spats with the increasingly frustrated Indonesian government.
Read more at The Diplomat.
Bjorka’s hacks and in-your-face approach to the government have certainly made more people aware of the unsatisfactory state of data protection in Indonesia. Bjorka wasn’t the first to make that point, obviously. A quick search of DataBreaches.net for “Indonesia” returns 72 results, including a recent listing of attacks on Indonesian government agencies and multiple reports of attacks in other sectors by ALTDOS, DESORDEN, and others.
And for a walk down Memory Lane: how many readers remember “Cyb34Sec Crew?” In 2011, Lee J. had reported on his blog (subsequently merged with DataBreaches):
Cyb3rSec Crew has been busy the past few days dumping 3 databases from different sites. The websites which are all Indonesia government websites. The data that has been leaked is admin accounts and basic database layouts. https://agroindustri.menlh.go.id/ https://pastebin.com/YqaSx1Uh https://landspatial.bappenas.go.id/ https://pastebin.com/fyv1A0in https://ktm.depnakertrans.go.id/ https://pastebin.com/wHymUfPx This continues the proof that the worlds governments need to fix shit asap and stop this from happening as most of these attacks are from very basic attacks.
More than a decade later, it seems not much had changed.