BRI Allegedly Affected By Ransomware, Safe Customer Data And Funds?
JAKARTA - Bank Rakyat Indonesia (BRI) is suspected of experiencing a ransomware attack. This news was first reported by cybersecurity company Falcon Feeds on Wednesday, December 19 evening.
"The Ransomware warning. Bank Rakyat Indonesia, has become a victim of Bashe Ransomware," Falcon Feeds wrote on X, while including a screenshot of the hack.
Meanwhile, the account X @IndoPopBase explained that the attacker threatened to interfere with the service or leak sensitive data if the ransom demands were not met until the December 23 deadline.
However, through the BRI's official X account, they ensure that until now the customer data and funds remain safe. The entire BRI banking system is also running normally and all transaction services are running smoothly.
Sobat BRI, Kenyamanan dan keamanan Anda adalah prioritas kami! BRI memastikan transaksi Anda berjalan lancar dan aman. Kami memastikan bahwa sistem dan transaksi BRI berjalan normal dan keamanan data terjaga.#BRI#BriliandanCemerlang pic.twitter.com/Nfup6KTsRN
— BANK BRI (@BANKBRI_ID) December 18, 2024
BRI Friends, Your comfort and security are our priority! BRI ensures that your transaction runs smoothly and safely. We ensure that BRI's systems and transactions run normally and data security is maintained. #BRI#Brilian and Cemerlang pic.twitter.com/Nfup6KTsRN
"Customers can still use the entire BRI banking service system, including digital banking services such as BRImo, QLola, ATM/CRM, and other BRI services as usual with maintained data security," wrote BRI.
As one of the largest banks in Indonesia, BRI claims that the information technology security system they have has met international standards and continues to be updated regularly to deal with various potential threats.
However, they will continue to take proactive steps to ensure that customer information remains safe and protected.
Launching an explanation from cybersecurity firm Vectra AI, Bashe is an Advanced Persistent Threat (APT) previously known as APT73 or Eraleig, emerged in 2024 with tactics resembling LockBit.
In his attack, Bashe usually targets important industries in various developed countries and utilizes data extortion through Torsi-based Data Leaks Site (DLS).
Bashe's DLS structure includes parts of "Relation to Us," How to Buy Bitcoin, "Web Security Bug Bounty," and "Mirrors", identical to what is seen in LockBit settings.