Another discovery was unveiled after our dark web researchers found a threat actor selling a massive database in a hacking forum that contained confidential documents owned by local and foreign companies in Indonesia.
With a username of ‘toshikana,’ this threat actor posted and advertised the stolen database on a hacking forum, adding that the involved Indonesian companies’ have revenue that allegedly goes beyond $50 million.
The threat actor also disclosed some names of these victimised big-time corporations in Indonesia, including Microsoft, Hyundai, AT&T, CSCEC, PwC, China Railway Group Limited, Huawei Tech Investment, Mckinsey, Prudential Life Assurance, and more.
In total, about 350GB worth of data was unarchived from the companies in Indonesia.
Based on our investigations, the massive 350GB of data stolen by the threat actor from the Indonesian companies hold more than 21,000 folders containing highly sensitive corporate information. The advertised stolen data was published on an underground hacking forum last August 16, starting at $50,000 for those interested to avail.
We have also gathered information about which corporate details are found inside the stolen database. These files include ID cards, tax ID of directors and commissioners, company tax ID, shareholder ID cards, several passports of company executives, deed of company establishment and deed of company amendment, taxable entrepreneur confirmation letter, company registration, business license, financial statements, profit loss statement, records of transfer, account statements, annual tax return, certificate of domicile, bank reconciliations, and more.
With the vast number of sensitive details that the hacker has stolen from the affected companies, we believe that any other threat actor that could get its hand on it would surely use it for malicious cybercrime activities, such as identity theft and phishing campaigns.
While there are no further updates about this data breach incident, our security experts strongly recommend the affected entities from Indonesia be extra cautious about their online activities. The victims must also observe if there are any suspicious behaviours from hackers using the compromised data and report them to authorities at once.
