JournalNusantara.com - Waduh, data error yang dialami BSI beberapa waktu yang lalu diduga ulah hacker Lockbit. Isu tersebut tentu saja membuat was-was para nasabah setia BSI. Akun Twitter @darktracer_int mengungkapkan bahwa periode negoisasi gang hacker Lockbit Ransomware dan Bank Syariah Indoensia telah berakhir. Hacker tersebut akhirnya merilis data yang dicuri dari Bank BSI secara publik ke dark web.
Baca Juga: KPK Ungkap Pentingnya Keterbukaan Informasi
"The negotiation period has ended, and the LockBit ransomware group has finally made all the stolen data from Bank Syariah Indonesia public on the dark web," tulis @darktracer_int pada Selasa, 16 Mei 2023.
@darktracer_int juga menyertakan tangkapan layar index data yang berhasil dicuri dari Bank BSI serta surat peringatan dari kelompok hacker Lockit Ransomware.
Kelompok data yang dicuri antara lain data RCEO, Sekretaris, Retail Banking, Wholesale Banking, Financing Risk & Recovery, Operational, Business Control, Berkas Rumah Dinas BSI, Databases, Dokumen Syarat Akad 19 April 2022, dan sebagainya
Baca Juga: Aktifis Anti Korupsi Minta Penegak Hukum Cianjur Selidiki Kasus Potongan Bantuan untuk Pesantren
Berikut surat peringatan kelompok hacker Lockbit Ransomware dalam bahasa inggris dan terjemahan:
"bankbsi.co.id
Our recommendations to all customers who suffered from the irresponsibility and incompetence of these people:
- Most importantly, stop using BSI. These people do not know how to protect your money and personal information from criminals. They couldn't even get their site up in a week. The best these little crooks can do is lie to their client's face, delete comments on Twitter and grow a belly.
- Ask your family and friends to stop using BSI. This is an equally important point because our warning about this bank's irresponsibility will not reach all BSIcustomers.
- BSIshould compesate you for the trouble you have caused. If you find even a line about yourself (you will find it) - go to court, mak class action lawsuits againts BSI. The violated data privacy laws by leaking informastion and making you wait and worry while the "technical work" was going in, when they could have paid us and it would have worked the same day.
We did not disclose the vulnerability in BSI systems and the compromised bank staff, so we kept a small part of the most interesting data for ourselves fo post-exploitation. See you soon.
BSI DATA:
(Sensor)
P.S About the correspondence attached to this post.
It's preety stupid to think that in time we spent on the BSI corporate network before we attack (about 2 months) we wouldn't have able to find and steal everything we needed.
ALL AVAILABE DATA PUBLISHED!"