Indonesian National Police clarifies no eHAC data leak

Indonesian National Police clarifies no eHAC data leak

Head of the Public Relations Division of the National Police Inspector General Argo Yuwono. (ANTARA/HO-Divisi Humas Polri/rst)

Jakarta (ANTARA) - The Indonesian National Police has investigated the alleged leak of public data in the Electronic Health Alert Card (eHAC) system, and no attempts were found to retrieve user data on the application server.

"Results of the investigation conducted by the National Cyber Police against the Ministry of Health and partners of the Ministry of Health found no attempts to retrieve data on the eHac server," Head of the Public Relations Division of the National Police Inspector General Argo Yuwono stated via a short message received by ANTARA on Tuesday.

Yuwono remarked that the Cyber Police had stopped the investigation after confirmation was received on no expropriation of the eHAC user data.

"It was stopped since yesterday," he noted.

From the investigation results, Yuwono ensured that the modern version of the health alert card application, developed by the Ministry of Health, was safe for use by the public.

"Yes, it is safe," Yuwono stated.

Related news: eHAC data leak still under investigation: police

He also appealed to the public to use the PeduliLindungi application with the latest e-Hac feature integrated into it.

Head of the Indonesian Ministry of Health's Data and Information Center, Anas Ma'ruf, had earlier emphasized that public data in the eHAC system was not leaked and was under protection.

"Community data contained in eHAC does not flow to partner platforms. Meanwhile, community data on partner platforms is the responsibility of the electronic system operator, in accordance with the mandate of Law Number 19 of 2016 on Electronic Information or the ITE Law," Ma'ruf remarked at the online press conference on Sept 1.

Ma'ruf noted that the Ministry of Health was thankful for the inputs from those who furnished information on the vulnerability, so it could be followed up to avoid greater cybersecurity risks.

Information on the vulnerability found on the eHAC partner platform was reported by VPN Mentor, a site that focuses on Virtual Private Networks (VPN), and has been verified by the National Cyber and Crypto Agency (BSSN) and received by the Ministry of Health on August 23, 2021.

The Health Ministry then traced and found vulnerabilities in the eHAC partner platforms. The respective platforms have taken action and made improvements to partner systems.  

Related news: Health Ministry ensures no data leak in PeduliLindungi apps