{
	"id": "7324408f-4b6f-4e09-a946-ee9ffa2f7639",
	"created_at": "2026-04-06T00:18:40.247605Z",
	"updated_at": "2026-04-10T03:20:42.117732Z",
	"deleted_at": null,
	"sha1_hash": "0d12ab2374cf67cc2ecbbb0435cfb5859bfbc667",
	"title": "Indonesia's central bank confirms ransomware attack, Conti leaks data",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 1041359,
	"plain_text": "Indonesia's central bank confirms ransomware attack, Conti leaks data\r\nBy Sergiu Gatlan\r\nPublished: 2022-01-20 · Archived: 2026-04-05 19:41:40 UTC\r\nBank Indonesia (BI), the central bank of the Republic of Indonesia, has confirmed today that a ransomware attack hit its\r\nnetworks last month.\r\nA Bank Indonesia spokesperson also told BleepingComputer the attack took place last month and that the bank's operations\r\nare not disrupted after the incident.\r\n\"We would like to inform you that the ransomware harassment has occurred last month. However, Bank Indonesia has\r\nconducted comprehensive evaluation for the disruption,\" BleepingComputer was told.\r\nhttps://www.bleepingcomputer.com/news/security/indonesias-central-bank-confirms-ransomware-attack-conti-leaks-data/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/indonesias-central-bank-confirms-ransomware-attack-conti-leaks-data/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\n\"We convince that our operational activities are not disrupted, stay in control, and keep on support public economic\r\nservices.\"\r\nDuring the incident, the attackers stole \"non-critical data\" belonging to Bank Indonesia employees before deploying\r\nransomware payloads on over a dozen systems on the bank's network, as CNN Indonesia reported.\r\nAccording to the bank, the incident was mitigated before impacting BI's public services, as first reported by Reuters.\r\n\"BI is aware of a ransomware hack last month. We are aware that we have been hit by a cyber attack. This is a crime, it is\r\nreal, and we are exposed to it,\" the head of BI's communications department, Erwin Haryono, told local media.\r\nConti claims the attack, leaks data\r\nWhile Bank Indonesia did not attribute the attack to a specific ransomware gang, Conti has claimed the attack today after\r\nleaking some files allegedly stolen from Bank Indonesia's network.\r\nIn all, the ransomware group claims to have 13.88 GB worth of documents to leak if Bank Indonesia doesn't pay the ransom.\r\nA Bank Indonesia spokesperson was not available for comment when contacted by BleepingComputer earlier today.\r\nImage: BleepingComputer\r\nThe Conti ransomware gang\r\nConti is a Ransomware-as-a-Service (RaaS) operation linked to the Wizard Spider Russian cybercrime group, also known\r\nfor other notorious malware, including Ryuk, TrickBot, and BazarLoader.\r\nThe ransomware group's affiliates breach targets' networks after corporate devices get infected with BazarLoader or\r\nTrickBot malware, providing them remote access to the compromised system.\r\nAfter gaining access to the victim's internal network, the Conti operators will compromise other devices spreading through\r\nthe victim's network.\r\nThis allows them to harvest and exfiltrate data before deploying the ransomware payloads across the network.\r\nConti is known for attacking high-profile organizations, including Ireland's Department of Health (DoH) and Health Service\r\nExecutive (HSE), and marketing giant RR Donnelly (RRD).\r\nhttps://www.bleepingcomputer.com/news/security/indonesias-central-bank-confirms-ransomware-attack-conti-leaks-data/\r\nPage 3 of 4\n\nDue to increased Conti activity, the FBI, CISA, and the NSA US have also recently issued an advisory warning of an\r\nincreased number of Conti ransomware attacks.\r\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/indonesias-central-bank-confirms-ransomware-attack-conti-leaks-data/\r\nhttps://www.bleepingcomputer.com/news/security/indonesias-central-bank-confirms-ransomware-attack-conti-leaks-data/\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/indonesias-central-bank-confirms-ransomware-attack-conti-leaks-data/"
	],
	"report_names": [
		"indonesias-central-bank-confirms-ransomware-attack-conti-leaks-data"
	],
	"threat_actors": [],
	"ts_created_at": 1775434720,
	"ts_updated_at": 1775791242,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/0d12ab2374cf67cc2ecbbb0435cfb5859bfbc667.pdf",
		"text": "https://archive.orkl.eu/0d12ab2374cf67cc2ecbbb0435cfb5859bfbc667.txt",
		"img": "https://archive.orkl.eu/0d12ab2374cf67cc2ecbbb0435cfb5859bfbc667.jpg"
	}
}