eHAC Data Breach Exposes Users Personal Information
Translator
Ricky Mohammad Nugraha
Editor
Petir Garda Bhwana
Rabu, 1 September 2021 13:21 WIB
Hacker illustration. mic.com
TEMPO.CO, Jakarta - A recent report by vpnMentor researchers, Noam Rotem and Ran Locar, suggests that the Indonesian Health Ministry experienced a major data breach and exposed 1.3 million users’ electronic health alert card or eHAC personal information.
VpnMentor’s data breach summary broke down the various types of data exposed, which is related to Covid-19 test data as follows.
Passenger ID and type (including domestic and international travelers)
Hospital ID
Queue number while doing this test
Reference number
Address and time for home visit
Test type (PCR, rapid antigen, etc.), date, and place
Test result and date issued
eHAC document ID
Data from 226 hospitals and clinics in Indonesia was also exposed:
Hospital details (ID, name, country, license number, address and exact location (with coordinates), phone and WhatsApp number, opening hours)
Name of the responsible person for the passenger
Name of the passenger’s doctor
Hospital capacity
Allowed test types in the hospital
Information about how many tests were done each day
Which type of passengers are allowed in this hospital