Indonesia probes suspected data breach on COVID-19 app | Inquirer News

Indonesia probes suspected data breach on COVID-19 app

/ 04:50 PM August 31, 2021

indonesia covid vaccination

People wearing protective face masks queue up to receive a vaccine dose against the coronavirus disease (COVID-19) during a mass vaccination program at a shopping mall in Jakarta, Indonesia, August 31, 2021. REUTERS

JAKARTA — Indonesia is investigating a suspected security flaw in a COVID-19 test-and-trace app that left exposed personal information and the health status of 1.3 million people, a health ministry official said on Tuesday.

Researchers from encryption provider vpnMentor said personal information in the Indonesia Health Alert Card (eHAC) app, often required to be used by travelers, was accessible “due to the lack of protocols put in place by the app’s developers.”

Article continues after this advertisement

Anas Ma’ruf, a health ministry official overseeing data, said the government was looking into the potential breach, but said the potential flaw was in an earlier version of the app, which has not been used since July.

FEATURED STORIES

“The eHAC from the old version is different from the eHAC system that is a part of the new app,” he said. “Right now, we’re investigating this suspected breach”.

The eHAC system is now part of the Peduli Lindungi (Care Protect) app, which the government has promoted for various tracing purposes, including entry at malls.

Article continues after this advertisement

Anas urged people to delete the old app and said the breach might have originated from a partner, without elaborating. He said the current eHAC system was now managed by the government and its safety was “guaranteed”.

Article continues after this advertisement

VpnMentor researchers said the flaw could expose people to phishing or hacking, as well as discourage people from using a COVID-19 tracing app.

Experts say such data breaches point to Indonesia’s weak cyber security infrastructure. In May, authorities also launched an investigation into an alleged breach of social security data from the country’s state insurer.

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our daily newsletter

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

For more news about the novel coronavirus click here.
What you need to know about Coronavirus.
For more information on COVID-19, call the DOH Hotline: (02) 86517800 local 1149/1150.

The Inquirer Foundation supports our healthcare frontliners and is still accepting cash donations to be deposited at Banco de Oro (BDO) current account #007960018860 or donate through PayMaya using this link.

TAGS: COVID-19, data breach, Health, Indonesia

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our newsletter!

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

© Copyright 1997-2024 INQUIRER.net | All Rights Reserved

This is an information message

We use cookies to enhance your experience. By continuing, you agree to our use of cookies. Learn more here.