Jakarta, Indonesia Sentinel — Indonesia’s Ministry of Communication and Digital Affairs (Komdigi) has blocked access to the former government COVID-19 tracking website PeduliLindungi, after it was reportedly hacked and used to display online gambling content.
Alexander Sabar, Director General for Digital Space Oversight at Komdigi, confirmed the shutdown on Wednesday, May 21, citing violations of national cybersecurity regulations.
“The site was clearly used to promote illegal online gambling, which is a serious breach of our digital information security standards,” Sabar said in a written statement.
The domain, once a central platform for Indonesia’s public health response during the COVID-19 pandemic, was compromised and redirected visitors to an online gambling page. The breach was first discovered on Monday, May 19, at around noon local time.
Authorities decided to cut access to the domain to prevent further exposure to illicit content and to safeguard public data from potential misuse.
The incident drew sharp criticism online, with many Indonesians expressing concerns about cybersecurity and the protection of personal data once entrusted to the government platform.
Read Also:
Bybit Loses $1.5 Billion in Massive Hack, The Largest Crypto Theft in Hystory
The Ministry of Health clarified that PeduliLindungi paltform had not been under its control since March 2023. In May that year, the platform’s services were integrated into a new digital health system called SatuSehat, with all user data transferred to the updated system.
“Everything related to the PeduliLindungi system has been fully transitioned to SatuSehat,” said Aji Muhawarman, Head of Public Communications at the Health Ministry, in a statement as reported by Tempo.
After the transition, management of the PeduliLindungi site was handed over to Telkom Indonesia. However, the state-owned telecom firm stated it had relinquished control of the domain and associated databases in 2023 when its contract with the ministry ended.
“Telkom officially released ownership of the PeduliLindungi.id domain to the domain registrar on March 28, 2024,” said Sabri Rasyid, Assistant Vice President of External Communication at Telkom.
The breach has reignited debate over digital security, especially on government-run platforms, which have been victim multiple times from cyberattacks.
(Raidi/Agung)