Sig.id

In mid-2022 the Indonesian digital signature and identity verification service Sig.id experienced a significant data exposure. The incident originated from a misconfigured database that was accessible via the internet without authentication. Security researchers discovered that the exposed records contained sensitive personal details of users who utilized the platform for electronic signatures and legal document verification. The breach highlighted vulnerabilities in how identity providers store and protect cryptographic and personal identifiers in the Southeast Asian fintech sector.