BSI Error, Cyber Security Expert Calls Customer Data Stolen

JAKARTA - The mobile banking service of PT Bank Syariah Indonesia Tbk (BSI) has been in error since Monday, May 8, 2023. It is suspected that this disturbance was caused by a ransomware attack.

Cybersecurity expert Teguh Aprianto through his tweets on Twitter confirmed the truth of this.

"After yesterday all @bankbsi_id services went offline for several days on the grounds of maintenance, today it is confirmed that they were victims of ransomware," Teguh wrote, quoted on Saturday, May 13.

Teguh said that at least the total data stolen was 1.5 TB, including 15 million user data and passwords for the internal access and services they used.

"In addition, this leak also includes employee data, financial documents, legal documents, NDA etc," continued Teguh.

He detailed that the leaked customer data included names, cellphone numbers, addresses, account balances, account numbers, transaction history, account opening dates, job information and other information.

Previously in an official statement received by VOI on Wednesday, May 10, BSI President Director Hery Gunardi said that BSI was still investigating cyber attacks.

"This needs further proof through audits and digital forensics. We continue to coordinate with various parties, both regulators and the government," said Hery.

Hery emphasized BSI's commitment as a banking institution to continue to strengthen cyber defense and security, especially for the benefit of customers.

He stressed that his party continues to remind customers to continue to maintain vigilance and be careful of various forms of fraud and digital crimes on behalf of Bank Syariah Indonesia.

"Once again, we apologize for this inconvenience and thank you for the support and trust given to BSI," he concluded.