Data Breach - Indonesian Vehicle & Property listing company

Note:  Several attempts over the last 3 weeks have been made in order to contact or it's parent company AstraDigital across various methods.  To date, there has been no response from on the reported issues. An email to Indonesia Computer Emergency Response Team also was sent with no response.

Intro is a Automotive and Property listing company in Indonesia which runs a website for individuals who are looking to rent/buy automobiles or housing. has failed to take adaquate measures to protect it's ElasticSearch server, which is logging detailed API calls. Those API calls contain user details including email and clear text passwords.  Over 100,000 user records have been exposed.

Any encountered email with clear-text password has been sent to Have I Been Pwned.


There is nothing too exciting about this one. The typical lapse in following security standards in securing customer data.

During one of my data scans I came across an unsecured ElasticSearch server with 168 indexes containing over  33 million records of APIs calls for the website. A subset of those API calls contained a "user login" record which contains the clear-text password suppied by the end user.

Sample Record

  "_index": "seva-middleware2019.01.08",
  "_type": "logs",
  "_id": "hrROK2gBzseFugIRCOll",
  "_score": 1,
  "_source": {
    "name": "seva-middleware",
    "hostname": "sevaprod000000E",
    "pid": 19689,
    "listener": "admin-ajax:main",
    "ip": ",",
    "query": "ast_login_user",
    "level": "info",
    "action": "ast_login_user",
    "email": "",
    "password": "15XXXXXXXXXXXX",
    "ga_clientId": "619150287.1546861143",
    "v": 0,
    "@timestamp": "2019-01-08T02:31:33.089Z",
    "message": ""

After viewing a sample subset of the records, it is estimated that there  are over 100,000 users and password combination records (min 78,000 verified in sample data).

Note to Users

If you are user I suggest you contact Seva or AstraDigital and demand that they secure thier ElasticSearch Server ASAP!

Show Comments