On September 17, 2023, AnonGhost, a prominent hacktivist group known for their frequent hacktivism campaigns, claimed responsibility for a cyber intrusion into the official website of the Republic of Indonesia's Ministry of Health, commonly referred to as "Kementrian Kesehatan Republik Indonesia" or "Kemkes."
Contained within the data shared on AnonGhost's pastebin were SSH access credentials and web server configurations related to the INA-CBG (Indonesia Case-Based Groups) website affiliated with the Ministry of Health. However, the exact source of the breach remains uncertain, as the data provided includes requests made to the PHP info page of the Kemkes subdomain.
It is crucial to note that the Ministry of Health (Kemkes) has experienced multiple data breaches in the past, making the security of their server infrastructure a matter of significant concern. This recent breach is reminiscent of earlier incidents, including the posting of Kemkes' database on a hacking forum in 2022, exposing a staggering 23 million antigen-related records. In 2023, a breach also occurred at the Covid-19 Yankees Directorate within a Manado hospital.
This recurring pattern of security breaches should serve as a valuable lesson, prompting the Ministry of Health to take proactive measures to fortify their systems and address any vulnerabilities that threat actors may exploit.
By highlighting these events and emphasizing the importance of enhanced cybersecurity measures, we aim to raise awareness within the organization and among the public, ultimately contributing to a more secure digital environment.
0 Comments