A personal data breach is a security breach that results in damage, loss, alteration, unauthorized data leakage, or access to personal data that is transmitted, stored, or processed unintentionally or unlawfully. This disclosure can occur, for example, for the following reasons:

• Accidental loss: for example, a personal data breach caused by the accidental loss of a USB flash drive containing personal data;
• Theft: for example, a personal data breach caused by the theft of a notebook containing personal data;
• Corporate betrayal: for example, a personal data breach caused by internal parties who, with permission to access personal data, make copies for distribution in the public domain;
• Unauthorized access: for example, a personal data breach caused by unauthorized access to IT systems, with subsequent disclosure of the personal data information obtained.
  
  

Referring to the regulations of the Indonesian Personal Data Protection (Law No. 27 of 2022), you are required to report such breaches to the relevant Supervisory Authority no later than 72 hours after becoming aware of them, as well as communicate the breach to the affected data owners and institution.

To comply with the regulatory requirements and ensure the protection of the personal data of our stakeholders, we have created the following section that allows you to report suspected personal data breaches.