BSI Data Spreads on Dark Web as System Allegedly Still Down
17 May 2023 22:58 WIB
TEMPO.CO, Jakarta - The cybersecurity breach on Bank Syariah Indonesia’s online banking system has yet fully recovered one day after most of its data was leaked to the dark web by a ransomware group dubbed Lockbit. The breachers initially demanded BSI to make a payment which was not met until the end of the deadline on May 16.
It is suspected that the ransomware involved data encryption up to BSI's backup data. The indication is the self-recovery process that has been running for more than a week since Lockbit launched its attack on May 8.
The failed system recovery is reflected in the complaints from customers on Twitter to this day. The depth of the complaint by the bank’s customers involves blocked balances, unclear fund transfers, as well as the BSI mobile banking application that is still down.
BSI Corporate Secretary Gunawan A. Hartoyo, through a written statement on Tuesday, still stated that customer data and funds are safe and that customers can transact normally.
"We hope customers remain calm. We will also cooperate with authorities related to the issue of data leak," he said.
Asked separately, cybersecurity consultant and founder of Ethical Hacker Indonesia Teguh Aprianto, revealed that Lockbit had leaked 8,133 files belonging to BSI last Tuesday. Personal information of 24,437 BSI employees and internal documents were included in the list that had been leaked earlier.
Customer data is also confirmed to have been leaked. Among them is the customer's personal data information along with customer loan information at the bank.
"People who have been contacted by BSI are also confirmed to have had their cellphone numbers leaked in the call_history.csv database (10 GB)," Teguh said.
On the same day, Lockbit also leaked the alleged conversation it had with the BSI. In it, it was revealed that the ransom requested was US$20 million, which was negotiated to US$100,000 before it rose to US$10 million and communication from Lockbit was no longer reciprocated.
Editor's Choice: Cybersecurity Firm Kaspersky Claims Ransomware Attacks Spiked in 2023
Click here to get the latest news updates from Tempo on Google News