900 Thousand of Kreditplus User Data Leaked and Sold on Hacker Forums

Leakage of personal data reoccurred and this time it happened to the KreditPlus online financial and loan platform. Based on reports, there are around 896 thousand of KreditPlus user data that have been leaked and sold.

This leak was reported by a researcher and cybersecurity consultant Teguh Aprianto through his Twitter account @secgron. He shared a screenshot in the form of a CreditPlus user data offer by a Megadimarus account in one of the hacker forums, RaidForums.

Based on HaveIBeenPwned data leak tracking site, leaked data of KreditPlus users includes KTP number, full name, date of birth, email address, office name, family member name, gender, monthly salary, marital status, mother’s name, handphone number, spouse name, and religion.

As for the security of the KreditPlus account, Teguh said there was no leakage. As for the password data of KreditPlus users who have leaked it is still in the form of bcrypt or hash so hackers still have to penetrate the security system again to read it.

The Leak Occurred since June 2020

The data leak itself occurred precisely on June 23, 2020. However, the credit account seller of the KreditPlus data was only uploaded on June 27, 2020, by Megadimarus. In RaidForums, Megadimarus is known to have a pretty good reputation. This is indicated by the title as GOD.

KreditPlus data has actually been shared for a long time in the middle of last month. Precisely on July 16 RaidForums members with the name ShinyHunters.

However, ShinyHunters was actually not the first Raid Forum user to upload the leaked KreditPlus customer data. Based on the report Teguh Aprianto, cybersecurity researcher who was the first to uncover this case, the data of the KreditPlus customer was first uploaded on 27 June 2020.

At this time, the coil can no longer find posts uploaded by Megadimarus. However, ShinyHunters’ posts are still accessible on the Raid Forum.

Teguh said that although the incident had been known by KreditPlus since June, there has been no response from the online loan platform to date. “It’s been from June and there was no response at all from them,” Teguh said.

Teguh said that the leak and sale of this data could be detrimental to users. One impact that could have happened is fraud or social engineering. The data owner can misuse the leaked data of KreditPlus users to take action on behalf of others.

“The data will definitely be misused which then causes various losses in the future,” Teguh explained.

Kreditplus Acknowledge Data Leaks on the Platform

The fintech company KreditPlus acknowledges the leak of user data. This was conveyed by the Director of KreditPlus, Peter Halim, in a written statement, Wednesday (5/8/2020). “The results of our interim investigation show the existence of data theft by unauthorized third parties related to consumer credit information Plus,” said Peter.

Related to that, Peter said that his party had investigated this case in depth by involving cybersecurity consultants, digital forensic experts, and authorities. He also said that KreditPlus would immediately report cases of this data leakage to the Siber and Sandi Negara (BSSN) Agency.

In anticipation of security, Peter urged consumers to always activate the one-time password (OTP) security system, and not give the code to others to avoid unwanted things. “We always remind consumers to be careful not to give OTP codes and passwords to other parties including those on behalf of KreditPlus for any reason,” Peter explained.

Previously, a cybersecurity firm from the United States, Cyble, said that personal data belonging to around 890,000 CreditPlus customers had been leaked and sold on the internet, precisely in a hacker discussion forum called Raidforums.

The database collects a number of users’ personal data that is quite sensitive, including their names, e-mail addresses, passwords, home addresses, telephone numbers, work and company data, and family card data.