Security News > 2021 > September > Indonesian authorities probe million-record leak from national COVID app

Indonesia's Ministry of Communications and Informatics is investigating a leak of over a million records from the nation's COVID-19 quarantine management app.

News of the leak was revealed on August 30th by security review site vpnMentor, which wrote that its research team discovered exposed databases generated by eHAC, an app that is mandatory for use by travellers moving into and out of Indonesia, or within its borders.

VpnMentor says its researchers found the data by using "Large-scale web scanners to search for unsecured data stores containing information that shouldn't be exposed".

Local media suggest a Health Ministry official has advised users to upgrade to a more recent version of eHAC, as the leak only impacts a version of the app that was discontinued in early July 2021.

VpnMentor warns of all sorts of unpleasant things that could befall those whose personally identifiable information was exposed in the leak.

The leak is Indonesia's second health data mess in recent months, after the May 2021 information breach at the national health insurance scheme.

News URL

https://go.theregister.com/feed/www.theregister.com/2021/09/01/indonesia_ehac_covid_app_pii_leak/