This recent data leak, which is claimed to have been compromised since September 2023, originated from the "portal.pln.co.id" domain and exposed a total of 44 million data records. The sheer volume of data for sale is staggering, considering PLN's portal encompasses three sections: web.pln.co.id, layanan.pln.co.id, and stimulus.pln.co.id.

The source of this breach remains uncertain, but the data offered by the threat actor "RRR" includes a plethora of sensitive information such as user_id, meter_id, meter_no, number, name, alias_name, no_ktp, email, phone, npwp, npwp_name, npwp_address, type, unitup, unitupi, namaup, energy_type, energy, fasa, is_splu, meter_kwh_number, peruntukan_id, keperluan_kd, rpujl, address, kode_pos, latitude, longitude, kode_prov, kode_kab, kode_kec, kode_kel, nama_prov, nama_kab, nama_kec, nama_kel, rt, rw, tahun_produksi, source, have_plts, have_estove, id_kompor.

Even though the data structure looks different, some of the data looks similar if you look closely, but it is still not known for certain whether the data is old or new because from PLN itself there has been no confirmation or statement regarding this recent leak. 

Read more : https://www.cyberdefenseinsight.com/2023/10/pln-hit-by-another-data-breach-44.html?m=1 

*Beware click the link!