Cyber Incident Victim: Indonesian police

In November 2021, Indonesian authorities launched an investigation following claims by a hacker alleging unauthorized access to the national police server. The incident surfaced when an individual using a now-suspended Twitter account, self-identifying as Brazilian, asserted they had exfiltrated sensitive personal data of approximately 28,000 Indonesian police officers. According to local media reports cited in the coverage, the compromised dataset included officers’ full names, residential addresses, email accounts, phone numbers, and blood type information. The breach represented a significant compromise of law enforcement personnel records, though the specific infiltration methods and duration of unauthorized access remained unconfirmed in available reporting. The national police institution (Polri) publicly acknowledged the claims and initiated a formal probe to verify the hacker’s assertions and assess the scope of the intrusion.

This incident occurred amid a broader pattern of cybersecurity challenges affecting Indonesian entities, with the breach underscoring systemic vulnerabilities in critical infrastructure. While immediate operational disruptions to police services were not reported, the exposure of officers’ personally identifiable information raised concerns about potential harassment, identity theft, or physical security risks targeting law enforcement personnel. The hacker’s use of social media to publicize the breach amplified its visibility, though the suspension of the account limited further dissemination of stolen data via that platform. Authorities focused investigative efforts on validating the authenticity of the leaked data, determining the attack vector, and identifying responsible actors. The event contributed to ongoing national scrutiny of cybersecurity preparedness across Indonesian government institutions following multiple high-profile digital intrusions during this period.