AnonGhost Indonesia Claims Responsibility for Hacking PTPN IV Over Alleged Corruption

In recent years, hacktivism in Indonesia has gained prominence, with Indonesian hackers engaging in cyberattacks to protest against perceived corruption or human rights violations. These hacktivist actions often involve targeting government websites, sensitive data disclosures, and other activities aimed at raising public awareness about critical issues.

However, these actions, while motivated by a desire for transparency and justice, have sparked legal controversies and raised concerns about their impact on cybersecurity and online stability.

A recent hacktivist incident has shaken one of Indonesia's state-owned enterprise (BUMN) subsidiaries, namely PTPN IV (PT Perkebunan Nusantara IV). AnonGhost Indonesian, a prominent hacktivist group, claimed responsibility for breaching the company's systems. Their statement, "www.ptpn4.co.id leaked just small parts by AnonGhost Indonesia," was accompanied by hashtags like #BerantasKorupsiPTPN and #UsutKasusPenyelundupanMinyakSawit.

This attack appears to be a response to alleged corruption within PTPN IV, reflecting the group's frustration with the situation. AnonGhost Indonesian went a step further by sharing a Pastebin link in their post, directing users to admin credentials extracted from the company's database containing "id, name, email, password, profile_pic", which they obtained during the breach.

Figure 1: Threat actor exposed credentials PT Perkebunan Nusantara IV

The Pastebin also contained a protest statement, noting that "Korupsi di dalam internal PT ini sangat banyak mencapai lebih dari 5 Milyar perbulannya." These allegations and the data leak have raised serious concerns.

Figure 2:Warning from the PTPN IV company to report violations.

This incident raises multiple concerns for PTPN IV, including the need to bolster their vulnerable systems' security and address the allegations of corruption. It's noteworthy that the company's website prominently encourages individuals to report any instances of misconduct or abuse of authority through provided contact information.

In conclusion, this recent hacktivism incident targeting PT Perkebunan Nusantara IV underscores the ongoing challenges associated with corruption within Indonesian entities. It also highlights the vulnerabilities present in their systems. The situation emphasizes the critical importance of cybersecurity and transparency efforts within Indonesian businesses, as well as the necessity of conducting a thorough investigation into the allegations of corruption.