{ "id": "3db5725f-6d07-487a-9b88-f3759c5375e5", "created_at": "2026-04-06T00:19:41.827018Z", "updated_at": "2026-04-10T13:11:19.975617Z", "deleted_at": null, "sha1_hash": "1806b74aaf8fc5a6570e75321c7275da7c00ad7f", "title": "LockBit Leaks 1.5TB of Data Stolen From Indonesia's BSI Bank", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 230025, "plain_text": "LockBit Leaks 1.5TB of Data Stolen From Indonesia's BSI Bank\r\nBy Jayant Chakravarti\r\nArchived: 2026-04-05 12:52:43 UTC\r\nFinance \u0026 Banking , Fraud Management \u0026 Cybercrime , Industry Specific\r\nBank Syariah Indonesia Says Service Interruptions Were Maintenance (@JayJay_Tech) • May 18, 2023    \r\nA Bank Syariah Indonesia Office Building in Lhokseumawe, Indonesia (Image: Shutterstock)\r\nThe LockBit ransomware group on Tuesday published 1.5 terabytes of personal and financial information the\r\ngroup said it stole from Bank Syariah Indonesia after ransom negotiations broke down.\r\nSee Also: New Attacks. Skyrocketing Costs. The True Cost of a Security Breach.\r\nThe group said the records include the personal and financial information of about 15 million customers and\r\nemployees of the country's largest Islamic bank.\r\nThe state-owned bank came into existence in 2021 through the merger of three other nationalized banks. BSI\r\noperates more than 1,100 branches to serve nearly 18 million customers.\r\nBank Indonesia, the country's central bank, said on Thursday that under its supervision, BSI restored its real-time\r\ngross settlement, national clearing system, and Bank Indonesia Fast Payment services.\r\nBSI President and CEO Hery Gunardi on May 11 said ATMs and bank branch services were again available and it\r\nwas carrying out \"capacity building\" to restore core banking and critical channels. Gunardi said the disruptions\r\nhttps://www.bankinfosecurity.com/lockbit-leaks-15tb-data-stolen-from-indonesias-bsi-bank-a-22110\r\nPage 1 of 2\n\noccurred on May 8 due to BSI carrying out \"risk mitigation in the company's IT system by carrying out\r\nmaintenance.\"\r\nThe bank found indications of a cyberattack and \"switched off several channels to ensure system security\" he said.\r\nLockBit responded that the bank had \"brazenly lied to their customers and partners, reporting some kind of\r\n'technical work' being carried out at the bank\" when, in fact, its cyberattack had led to the disruptions.\r\nThe ransomware group on Tuesday also published details of its conversations with bank representatives between\r\nMay 8 and May 13.\r\nThe screenshots reveal that the bank floated the possibility of paying $10 million to recover the stolen data.\r\nLockBit demanded $20 million before going silent.\r\nIndonesian Vice President Ma'ruf Amin said Monday that the BSI incident was a bad experience for the public,\r\nand he asked the bank to improve its technology to prevent further attacks.\r\nSource: https://www.bankinfosecurity.com/lockbit-leaks-15tb-data-stolen-from-indonesias-bsi-bank-a-22110\r\nhttps://www.bankinfosecurity.com/lockbit-leaks-15tb-data-stolen-from-indonesias-bsi-bank-a-22110\r\nPage 2 of 2", "extraction_quality": 1, "language": "EN", "sources": [ "ETDA" ], "origins": [ "web" ], "references": [ "https://www.bankinfosecurity.com/lockbit-leaks-15tb-data-stolen-from-indonesias-bsi-bank-a-22110" ], "report_names": [ "lockbit-leaks-15tb-data-stolen-from-indonesias-bsi-bank-a-22110" ], "threat_actors": [], "ts_created_at": 1775434781, "ts_updated_at": 1775826679, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/1806b74aaf8fc5a6570e75321c7275da7c00ad7f.pdf", "text": "https://archive.orkl.eu/1806b74aaf8fc5a6570e75321c7275da7c00ad7f.txt", "img": "https://archive.orkl.eu/1806b74aaf8fc5a6570e75321c7275da7c00ad7f.jpg" } }