Hack Read -
The incident took place after the Elasticsearch server used by eHAC developers exposed the data due to misconfiguration.
According to Indonesian health ministry official Anas Ma’ruf, the country’s COVID-19 test and trace application had an inherent security flaw due to which the personal information and health status of around 1.3 million individuals got exposed.
Ma’ruf, who is responsible for supervising the data, further explained that the government is investigating the potential breach.
Previous version of the app impacted
The Health Ministry official admitted that the flaw was identified in an earlier version of the app and that the app hasn’t been updated since July 2021. The new eHAC system that’s included the latest version is different from the older version, Ma’ruf said.
SEE: Tokopedia hacked – Login details of 91 million users sold on dark web
This system is now part of the Peduli Lindungi/Care Protect app,
The article Indonesian Govt’s COVID-19 test, trace app leak impacting 1.3m users originally appeared on Hack Read.