Following reports of an alleged data breach at Politeknik Tonggak Equator, new details suggest the incident may be more extensive than initially believed. The hacktivist group that allegedly targeted the Indonesian polytechnic appears to have exfiltrated a wide array of databases, compromising sensitive institutional, student, and faculty information. The attackers previously posted samples of student and user data on a dark web forum, citing hacktivist motives for the attack.
Further evidence reveals a list of allegedly stolen database files in .csv format, indicating a full-scale compromise of the institution’s web infrastructure. The file names suggest that everything from internal administrative records to student and faculty data has been stolen. This level of access could expose the personal information of the entire academic community associated with the polytechnic and disrupt institutional operations.
The allegedly leaked files indicate the following datasets were compromised:
- Student and Teacher/Lecturer Data (
siswa.csv,guru.csv) - User Accounts (
user.csv) - Study Programs, Departments, and Scholarships (
prodi.csv,jurusan.csv,beasiswa.csv) - New Student Admissions and Promotions (
pmb.csv,promopmb.csv) - Institutional Information (Profiles, History, Vision & Mission, Structure, Facilities)
- Career Center Data (Profiles, Structure, Vision & Mission)
- Alumni Tracking Data (
laptracer.csv) - Contact Lists and Guestbook Entries (
kontak.csv,bukutamu.csv) - Foundation and Announcement Records (
yayasan.csv,pengumuman.csv)