Bashe ransomware group claims breach of Bank Rakyat Indonesia

Bank Rakyat Indonesia (BRI), one of Indonesia's largest banks, has reportedly been targeted by the ransomware Bashe ransomware group.

The Bashe ransomware group, also known as APT73 or Eraleig, emerged in 2024 with tactics similar to the LockBit ransomware operation. The breach was reported by cybersecurity company Falcon Feeds through their twitter account. The attackers have set a December 23 deadline for ransom payment, threatening to leak sensitive data or disrupt services if their demands are not met.

BRI's Digital and IT Director, Arga M Nugraha, has issued statements assuring customers that their data remains secure and banking services continue to operate normally. The bank claims that all services, including digital banking platforms such as BRImo, QLola, and ATM/CRM services, are functioning without disruption. BRI also emphasized that their information technology security system meets international standards and undergoes regular updates to address potential threats.

BRI has stated they are taking proactive measures to ensure customer information remains protected, though they have not explicitly confirmed or denied the ransomware attack.