icanflytoo

🚨🇮🇩 LSP Telematika allegedly breached: 14GB+ certification database exposed from Indonesian IT professional records A threat actor claims to be selling a database tied to LSP Telematika, an Indonesian professional certification body for information technology. The actor alleges the exposed dataset contains tens of thousands of records involving assessors and assessees, along with private conversations, decree documents, and company files. ━━━━━━━━━━━━━━━━━━━━ Target: LSP Telematika Sector: Professional Certification / Information Technology Incident: Database Leak Exposure: 14GB+ Actor: Kyyzo Country: Indonesia Date: 16/05/2026 ━━━━━━━━━━━━━━━━━━━━ What’s allegedly included: ▪ Assessee records from certification database tables ▪ Assessor personal data and profile information ▪ Registration numbers and certification-related identifiers ▪ Names, birthplaces, birth dates, ages, and email fields ▪ Phone numbers, identity number fields, and address-related data ▪ Private conversations and decree-related documents ▪ Personal company document files linked to certification activity Potential impact: The exposed data could be used for identity theft, phishing, credential targeting, impersonation, and social engineering against Indonesian IT certification participants and assessors. Status: Unverified underground forum claim. The actor posted database samples and described the release as part of an extortion-driven follow-up leak. Stop guessing what's redacted. Subscribers see everything → https://t.co/281Qjc6p2J

🇮🇩 [DATA LEAK] Dunia Games Database Allegedly Exposed A threat actor is claiming to leak data Dunia Games (Indonesia) on a dark web forum. Claimed data includes: • NIK (National ID – Nomor Induk Kependudukan) • Phone numbers • NIP (Employee ID – Nomor Induk Pegawai) • Structured SQL inserts (suggesting database extraction) ⚠️ Initial assessment: • Presence of NIK + phone numbers → highly sensitive personal data • SQL format indicates potential direct database dump, not simple scraping • Could impact both: • Users • Internal personnel (due to NIP fields) 🎯 Risk perspective: • High risk of: • Identity theft (NIK is critical identifier in Indonesia) • SIM swap / smishing campaigns • Targeted fraud leveraging verified identity data • Even limited samples are enough to: • Validate dataset authenticity • Enable targeted attacks at scale 🔐 Recommended actions: • For organization: • Validate breach claim immediately • Investigate database exposure vectors (SQLi, misconfig, API leakage) • Rotate credentials and restrict DB access • For users: • Be alert for phishing / SMS scams • Avoid sharing additional personal information Current status: Unverified – but HIGH RISK due to national ID exposure #DDW #Intelligence #DataLeak #CyberThreat #OSINT #DarkWeb

[+] Free Database Samples https://t.co/lpQVU0vvlb [+] - https://breached[.]st/threads/free-database-samples-dukcapil-kemendagri-go-id.86745/ 🇮🇩 Indonesia - Directorate General of Population and Civil Registration (Dukcapil) Indonesia Dukcapil Data Breach Alleged Indonesia's Directorate General of Population and Civil Registration (Dukcapil), responsible for civil registration and population data management, has allegedly been compromised. Samples of its database were reportedly made available for free on an underground forum. The allegedly compromised data includes: database samples. Dukcapil, Government, Indonesia, Data Breach, Civil Registration, Data Leak, Cybersecurity Indonesia 🇮🇩 - The Directorate General of Population and Civil Registration (Dukcapil), a key government agency, has allegedly suffered a data breach, exposing database samples reportedly made available for free online.

🇮🇩 A threat actor on a cybercrime forum is claiming to have leaked sample data allegedly with Indonesia’s state electricity company PLN (https://t.co/jfyYatYuKl). According to the post, the exposed sample allegedly contains: • NIK (Indonesian national identity numbers) • Phone numbers • Email addresses • Employee IDs (NIP) • Bank account numbers • NPWP tax identification numbers The actor also shared snippets of SQL-style insert statements as proof-of-claim samples. At this time, the claims remain unverified, and there is no official confirmation regarding the authenticity or scale of the alleged data exposure. If confirmed, exposure of national identity and financial-related records could create elevated risks including: • Identity theft • Financial fraud • SIM swapping and phishing attacks • Credential stuffing campaigns • Targeted social engineering against employees and customers #DDW #Intelligence #Indonesia #CyberSecurity #DataLeak #DarkWeb #InfoSec

🇮🇩 A threat actor is claiming to have leaked data allegedly linked to Coretax DJP https://t.co/jLr5Ibj366, associated with Indonesia’s Directorate General of Taxes. The underground post references “CORETAX” infrastructure and suggests the data may involve government-related tax systems or associated services. At this stage, the authenticity and scope of the alleged leak remain unverified. Daily Dark Web is monitoring the situation for additional evidence or confirmation. #DDW #Indonesia #Coretax #DJP #CyberSecurity #DataLeak #DarkWeb #ThreatIntel

🇮🇩 A threat actor is claiming to leak data allegedly associated with Indonesia’s Constitutional Court (Mahkamah Konstitusi Republik Indonesia - MKRI). At this stage, no verified technical evidence or publicly confirmed samples have been provided to validate the authenticity or scope of the alleged breach. The claims remain unverified. #DDW #Indonesia #MKRI #CyberSecurity #DataLeak #ThreatIntel #InfoSec #DarkWeb

🇮🇩 A threat actor is claiming to have leaked data allegedly associated with Indonesia’s Ministry of Home Affairs (Kementerian Dalam Negeri Republik Indonesia). At this time, no official confirmation or independently verified technical evidence has been released to validate the authenticity or scope of the alleged breach. The claims remain unverified. #DDW #Indonesia #CyberSecurity #DataLeak #ThreatIntel #InfoSec #DarkWeb #Government

📢 Ransomware Alert: 🇮🇩 Medika Plaza Indonesia (https://t.co/Y3TPcTjONo), a Indonesia-based medical practice firm, has reportedly fallen victim to BASHE ransomware. NB: The group intends to publish the data within 15-16 days. 🔍Key Details: 🛡️Threat actor: BASHE 📅 Reported on: 27/04/26 ⚠ Data Compromised: 15 GB