Hackers Leaked 1.5 Terabytes Of Data Belonging To Employees And Customers Of Bank Syariah Indonesia

The internet can be a scary place because anyone with a connection can access it, wherever they are, whenever they want.

At this time, Indonesia, the massive archipelago country of the Southeast Asia, is still haunted by how it became a victim of numerous data breaches.

From the data leak experienced by one of its largest online e-commerce platforms, to citizens social security data that was also leaked, to the fact that even its government-owned electricity company is not immune to data leak, and how a notorious hacker made rounds by leaking billions of sensitive data belonging to citizens and officials, Indonesia is still recovering.

This time, a hacker is adding salt to the wound, by leaking data they stole from the country's largest state-owned sharia bank.

BSI hacked

It all began on May 8th, when BSI took its systems offline.

For days, customers couldn't access their accounts, both through the ATM or through the internet and mobile.

The bank and its CEO, Hery Gunardi, apologized for the inconvenience.

Days later, the bank said that it has returned online, and that all of its services are operational.

[block:block=87]

Just when people are trying to brush it off, and pretend as if nothing happened, news reported that data that is worth at least 1.5 terabytes, is leaking to the internet.

It is said that the massive data dump include customers' and employees’ contact details, financial documents, card details and passwords of the customers, and more.

Hacker group known as the LockBit that claimed to be the culprit behind the hack and the leak, used malicious software LockBit 3.0 that blocks user access to computer systems.

Using the ransomware, the hackers also managed to claim and got hold of BSI’s data.

Following the hack, the hacker and the bank communicated.

At that time, the bank negotiated, and according to a screenshot, the hackers demanded $20 million in ransom.

The bank wanted proof, and asked for at least one of its customers credentials to prove the legitimacy of the alleged hacked data.

BSI hacked

The hackers gave a counter to inform how long the bank had time to think and pay.

Allegedly, the bank refused, or failed to fulfill the hackers' request.

As a result of this, the entirety of what the hackers stole, is being leaked to the internet for everyone to see.

For what it's worth, the data includes personal information of around 15 million BSI customers.

BSI hacked

What makes data breaches like this worrisome is the way it exposes personal, and identifiable information to the public.

In this case, customers of BSI who avoid tax could be easily exposed, and make public attention, and can even be doxxed.

BSI hacked

Making things worse, there can be chances of even more sensitive information, and even credentials for mobile banking, internet banking, email and others to be exposed.

What's more, because of how sensitive the information is, customers who are victims can be prone to even more data extractions, like phishing, and more.

In the digital world where user data is a commodity, information is being traded behind people's back, and huge money is made for those traders. User information is always high in demand.

And BSI customers, as well as its employees, just got unfortunate because there's nothing they can do to get off the hook.