Indonesia's electoral commission, Komisi Pemilihan Umum (KPU), is currently investigating claims of a data breach involving the Permanent Voters List (DPT) for the 2024 general elections. The investigation is being conducted alongside several agencies, including the National Cyber and Crypto Agency (BSSN), the National Police of the Republic of Indonesia (Polri), the State Intelligence Agency (BIN), and the Ministry of Communication and Informatics (Kemenkominfo).
Claims of Data Breach Shadow First Day of 2024 Election Campaign
The alleged data breach has cast a shadow over the first day of the 2024 presidential election campaign. Data claimed to be from the KPU was leaked on BreachForums by a user named Jimbo on Monday (27/11) at 09.21 WIB. The data, being sold for 2BTC or US$74,000 (Rp1.14 billion), is said to include personal information from over two hundred million records, including National Identity Numbers (NIK), Family Card numbers (NKK), KTP numbers, Polling Station (TPS) details, e-KTP status, gender, and birth dates. The data also purportedly includes information from the General Consulate of the Republic of Indonesia, the Embassy of the Republic of Indonesia, and the Consulate of the Republic of Indonesia.
Concerns Over the Integrity of the Electoral Process
The alleged data breach, involving a reported 204 million records, raises serious concerns about the integrity of the electoral process and public trust in the democratic system. An anonymous hacker named Jimbo has claimed responsibility, saying they have hacked into the KPU's website and obtained voter data. The Coordinating Minister for Political, Legal and Security Affairs, Mahfud MD, has expressed concern about the alleged hacking of the DPT data on the KPU's site, urging the KPU to enhance their data security to prevent their system from being easily breached by hackers.
Investigation Underway to Verify Claims
Chairman of the KPU RI, Hasyim Asy'ari, has spoken out about the alleged theft of 204 million voter data for the 2024 elections managed by their institution by a hacker and sold on a hacker forum. According to him, the DPT data is not only held by the KPU RI, but also by many other parties. Commissioner of the KPU RI, Idham Holik, has said that an investigation is needed to verify these hacking claims. Meanwhile, the Ministry of Communication and Informatics (Kominfo) is coordinating with the BSSN and the KPU RI regarding the findings of the alleged data leak of the 2024 election. The Director-General of Information and Public Communication (IKP) of Kominfo, Usman Kansong, said that they are still monitoring the latest developments related to information on the alleged data leak on the KPU RI site.