Ransomware, a malicious software designed to encrypt user data on network and computer devices, has once again raised concerns in the cyber world. The recent threat comes from a hacker named Bjorka, who issued a warning to banks in Indonesia, particularly targeting Bank BCA.
In a series of tweets, Bjorka threatened that if banks do not take immediate action, they will face a massive data breach. The hacker claimed to have access to 890 thousand customer data and 4.9 million BCA databases. Despite BCA denying any leaked script data, Bjorka insisted that various banks, including BNI, BCA, Bank Mandiri, BSI, and BI, should be prepared to be the next targets of ransomware attacks.
The hacker did not reveal the identity of the group behind the ransomware attack but indicated that they also had access to BSI data. To support the claim, Bjorka shared a screenshot showing an account named ‘Sky Wave’ selling allegedly stolen data from BCA customers on the dark web.
In response to these threats, BCA’s Executive Vice President of Corporate Communication and Social Responsibility, Hera F. Haryn, reassured customers that their data remains safe. The bank urged customers to stay vigilant against fraudulent activities that aim to deceive them into sharing personal banking information.
To enhance security measures, BCA advised customers not to disclose confidential information such as ID, password, One Time Password (OTP), and Personal Identification Number (PIN) to anyone. They also recommended changing PINs and passwords regularly to prevent hacking incidents. The bank reiterated its commitment to strengthening security by implementing a multi-layered strategy and various risk mitigation efforts.
The case of Bjorka leaking sensitive information is not isolated, as the hacker has been involved in multiple data breach incidents in the past. The leaks have reportedly originated from applications owned by government entities or state institutions. Some of the notable cases include data breaches involving Indihome customers, PLN (State-power utility company) customers, Jasa Marga (State-owned toll road operator) internal data, phone card data, 105 million General Elections Commission (KPU) data, secret documents of President Jokowi, officials’ personal information, 26 million Indonesian Police data, and MyPertamina data.
The compromised data is believed to have been traded on hacker websites, with Bjorka claiming to have shared 2 million sample data collected between 2017 and 2020. Telecommunication operators such as Telkomsel, Indosat, Tri, XL, and Smartfren have also been implicated in the data leaks.
As cybersecurity threats continue to evolve, organizations and individuals must remain vigilant and take proactive measures to safeguard their data and personal information from cyber attacks. The incident involving Bjorka serves as a stark reminder of the importance of cybersecurity in today’s digital age.