PT Jasamarga Tollroad Operator
| Primary URL | Location | Industry | jasamarga[.]co[.]id |
Country
Indonesia
|
Transportation
|
|---|
Profile
PT Jasamarga Tollroad Operator, also known as JMTO, is an Indonesian company engaged in the operation and management of toll roads. Its primary activities include the collection of toll fees, maintenance of road surfaces, and oversight of traffic flow on the highways under its concession. The firm serves motorists using the toll road network in Indonesia, providing a service that supports domestic transportation and logistics. As a toll road operator, JMTO is responsible for ensuring the safety and reliability of the infrastructure it manages, coordinating with government agencies and contractors for upgrades and repairs. The company also operates a dedicated application for customers to access account information and make payments, as indicated in the disclosure following the 2022 cyber incident.
The organisation's headquarters are located in Indonesia, situating it within the country's rapidly expanding transportation sector. JMTO distinguishes itself through its focus on toll road concession management, a niche that requires compliance with national regulations governing public‑private partnerships in infrastructure. While specific ownership details are not provided in the source material, the firm functions as a standalone operator within the broader Jasamarga corporate group. In August 2022, JMTO experienced a cyberattack by the threat group DESORDEN, which resulted in the unauthorized access to 252 gigabytes of data from five of its servers. The compromised data reportedly encompassed user, customer, employee, corporate, and financial information, although the company later stated that no customer data from its dedicated application was affected. After the breach, JMTO disabled the impacted servers, initiated data recovery, migrated systems to more secure infrastructure, and addressed identified vulnerabilities. DESORDEN subsequently confirmed that the exfiltrated data consisted solely of corporate and employee information, while highlighting ongoing security weaknesses in the operator's network. No ransomware was deployed during the intrusion.
