Incident: Security Flaw in Indonesia's COVID-19 App Exposes 1.3 Million.

Published Date: 2021-08-31

Postmortem Analysis
Timeline 1. The suspected security flaw in the Indonesia Health Alert Card (eHAC) app likely occurred before July 2021: the article states that the potential flaw was in an earlier version of the app, which has not been used since July [117909].
System 1. Indonesia Health Alert Card (eHAC) app - earlier version [117909]
Responsible Organization 1. The developers of the Indonesia Health Alert Card (eHAC) app were responsible for causing the software failure incident as they did not have proper protocols in place, leading to the exposure of personal information and health status of 1.3 million people [117909].
Impacted Organization 1. Personal information and health status of 1.3 million people in Indonesia were impacted by the security flaw in the COVID-19 test-and-trace app [117909].
Software Causes 1. The software failure incident in the Indonesia Health Alert Card (eHAC) app was caused by a suspected security flaw that left personal information and health status of 1.3 million people exposed due to the lack of protocols put in place by the app's developers [117909].
Non-software Causes
1. Lack of protocols put in place by the app's developers [117909]
2. Potential breach originating from a partner without elaboration [117909]
Impacts 1. Personal information and health status of 1.3 million people were left exposed due to the security flaw in the Indonesia Health Alert Card (eHAC) app, potentially putting individuals at risk of phishing or hacking attempts [117909].
Preventions
1. Implementing robust security protocols and encryption measures in the app to protect personal information and health status data [117909].
2. Conducting thorough security audits and testing of the app to identify and address any vulnerabilities before deployment [117909].
3. Regularly updating and maintaining the app to ensure that any identified flaws or weaknesses are promptly fixed [117909].
4. Providing adequate training and awareness to developers and partners on best practices for data security and privacy protection [117909].
Fixes
1. Implementing robust security protocols and encryption measures to safeguard personal information in the app [117909].
2. Conducting thorough security audits and regular vulnerability assessments to identify and address potential flaws in the software [117909].
3. Ensuring proper oversight and monitoring of third-party partners to prevent security breaches originating from external sources [117909].
4. Promptly updating and maintaining the software to address any identified vulnerabilities and enhance overall security [117909].
References
1. Encryption provider vpnMentor [117909]
2. Anas Ma'ruf, a health ministry official overseeing data [117909]

Software Taxonomy of Faults

Category Option Rationale
Recurring one_organization (a) The software failure incident related to the exposure of personal information and health status of 1.3 million people due to a suspected security flaw in the Indonesia Health Alert Card (eHAC) app happened within the same organization, as mentioned in the article [117909]. The incident occurred in the eHAC app, which is now part of the Peduli Lindungi (Care Protect) app, managed by the government. Anas Ma'ruf, a health ministry official, stated that the potential flaw was in an earlier version of the app, which has not been used since July. The government is investigating the suspected breach, and the current eHAC system is now managed by the government with guaranteed safety. (b) There is no specific mention in the article about a similar incident happening at other organizations or with their products and services.
Phase (Design/Operation) design (a) The software failure incident in the article is related to the design phase. The incident occurred due to a suspected security flaw in the COVID-19 test-and-trace app in Indonesia. Researchers from encryption provider vpnMentor pointed out that personal information in the Indonesia Health Alert Card (eHAC) app was accessible "due to the lack of protocols put in place by the app's developers" [117909]. This indicates that the failure was due to contributing factors introduced during the development of the app, specifically related to the design and security protocols implemented by the developers.
Boundary (Internal/External) within_system (a) The software failure incident related to the suspected security flaw in the Indonesia Health Alert Card (eHAC) app appears to be within the system. The flaw was attributed to the lack of protocols put in place by the app's developers, indicating an internal issue with the app itself [117909].
Nature (Human/Non-human) non-human_actions, human_actions (a) The software failure incident in the article was related to a suspected security flaw in the Indonesia Health Alert Card (eHAC) app, which left personal information and health status of 1.3 million people exposed. Researchers from encryption provider vpnMentor mentioned that the personal information was accessible due to the lack of protocols put in place by the app's developers, indicating a failure due to contributing factors introduced without human participation [117909]. (b) On the other hand, the article also mentioned that the potential flaw in the app was in an earlier version that has not been used since July. Anas Ma'ruf, a health ministry official, stated that the breach might have originated from a partner, without elaborating. This suggests that there could have been contributing factors introduced by human actions, such as potential oversight or negligence during the development or maintenance of the app [117909].
Dimension (Hardware/Software) software (a) The software failure incident reported in the article is related to a suspected security flaw in a COVID-19 test-and-trace app used in Indonesia. The flaw exposed personal information and the health status of 1.3 million people. This incident is attributed to a lack of protocols put in place by the app's developers, indicating a software-related issue rather than a hardware-related one [117909].
Objective (Malicious/Non-malicious) malicious, non-malicious (a) The software failure incident in the article is related to a suspected security flaw in the Indonesia Health Alert Card (eHAC) app, which left exposed personal information and the health status of 1.3 million people. Researchers from encryption provider vpnMentor highlighted that the personal information was accessible due to the lack of protocols put in place by the app's developers. This indicates a malicious software failure incident where the system's security was compromised, potentially exposing users to phishing or hacking attempts [117909]. (b) On the non-malicious side, the article mentions that the potential flaw was in an earlier version of the app, which has not been used since July. Anas Ma'ruf, a health ministry official, stated that the current eHAC system is now part of the Peduli Lindungi (Care Protect) app, which the government has promoted for various tracing purposes. He also mentioned that the current eHAC system is managed by the government and its safety is guaranteed. This suggests that the government took steps to address the security flaw and ensure the safety of the system, indicating a non-malicious response to the incident [117909].
Intent (Poor/Accidental Decisions) poor_decisions (a) The software failure incident related to the suspected security flaw in the Indonesia Health Alert Card (eHAC) app was primarily due to poor decisions made by the app's developers. According to researchers from encryption provider vpnMentor, personal information in the app was exposed "due to the lack of protocols put in place by the app's developers" [117909]. This lack of proper protocols indicates poor decision-making in the development and implementation of the app, leading to the security vulnerability that exposed personal information and health statuses of 1.3 million people.
Capability (Incompetence/Accidental) development_incompetence (a) The software failure incident in the article is related to development incompetence. Researchers from encryption provider vpnMentor pointed out that personal information in the Indonesia Health Alert Card (eHAC) app was accessible "due to the lack of protocols put in place by the app's developers" [117909]. This indicates that the failure was due to contributing factors introduced due to the lack of professional competence by the developers or the development organization.
Duration temporary The software failure incident related to the security flaw in the Indonesia Health Alert Card (eHAC) app was temporary. The incident was due to a suspected security flaw in an earlier version of the app, which has not been used since July. The current eHAC system is now part of the Peduli Lindungi (Care Protect) app, which the government has promoted for various tracing purposes, including entry at malls. Anas Ma'ruf, a health ministry official, mentioned that the current eHAC system is managed by the government and its safety is "guaranteed" [117909].
Behaviour value, other
(a) crash: The software failure incident in the article is not described as a crash where the system loses state and does not perform any of its intended functions [117909].
(b) omission: The software failure incident in the article is not described as an omission where the system omits to perform its intended functions at an instance(s) [117909].
(c) timing: The software failure incident in the article is not described as a timing issue where the system performs its intended functions correctly, but too late or too early [117909].
(d) value: The software failure incident in the article is related to a potential security flaw in a COVID-19 test-and-trace app that left exposed personal information and health status of 1.3 million people, indicating a failure due to the system performing its intended functions incorrectly [117909].
(e) byzantine: The software failure incident in the article is not described as a byzantine failure where the system behaves erroneously with inconsistent responses and interactions [117909].
(f) other: The software failure incident in the article involves a suspected security flaw in the COVID-19 test-and-trace app, potentially leading to data breaches and exposing users to phishing or hacking. This behavior could be categorized as a security vulnerability or a breach of confidentiality, which is not explicitly covered in the provided options [117909].

IoT System Layer

Layer Option Rationale
Perception None None
Communication None None
Application None None

Other Details

Category Option Rationale
Consequence harm, property, theoretical_consequence The consequence of the software failure incident mentioned in the article is related to potential harm and theoretical consequences:
- Harm: The software failure incident exposed personal information and the health status of 1.3 million people, which could potentially harm them by exposing them to phishing or hacking attempts [117909].
- Theoretical_consequence: The article discusses that the data breach could discourage people from using a COVID-19 tracing app, which could have potential consequences on public health efforts [117909].
Domain health (a) The failed system was related to the health industry as it involved a COVID-19 test-and-trace app used by 1.3 million people in Indonesia [117909]. The app, known as the Indonesia Health Alert Card (eHAC), was designed for tracing purposes, including entry at malls, as part of the country's efforts to manage the COVID-19 pandemic.
