Indonesia Probes Suspected Data Breach on COVID-19 App – Expert Comments

By   ISBuzz Team
Writer , Information Security Buzz | Sep 01, 2021 04:39 am PST

Indonesia is investigating a suspected security flaw in a COVID-19 test-and-trace app that left exposed personal information and the health status of 1.3 million people, a health ministry official said on Tuesday, according to Reuters.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Trevor Morgan
Trevor Morgan , Product Manager
September 1, 2021 1:11 pm

<p>The report that Indonesia is looking into a security flaw in a COVID-19 test-and-trace app accentuates two key issues around these types of applications. The first concern is that with sensitivities to these types of technologies already heightened by the pandemic and the politics surrounding it, having the threat of exposed PHI definitely means that users and the general public will be wary and more concerned for their data privacy.</p>
<p>The second issue is that software and app developers often inadvertently build in data security vulnerabilities because data security seems to be a lagging concern in the development cycle—either a separate security team factors in data security later in the development cycle or the software developers cut corners in order to get more critical features and functions nailed down and working at the expense of proper data security measures.</p>
<p>The big push is to reposition data security upstream at the requirements and design phases so that data security is factored in by the developers throughout the entire development cycle and the application’s workflow.</p>
<p>Of course, proper design should include data-centric security measures such as protecting sensitive data through format-preserving encryption and tokenization methods. That way, if PHI or other sensitive data is accessed, it is unreadable and therefore cannot be leveraged.</p>

Last edited 2 years ago by Trevor Morgan

Recent Posts

Would love your thoughts, please comment.x