Hacker group claims attack on Indonesia national railway company PT KAI

A social media post alleged that a hacker group infiltrated Kereta Api Indonesia (PT KAI), Indonesia's national railway company, accessing sensitive data including employee and customer information.

The group claims to have hacked PT KAI's website, demanding a ransom of 11.69 Bitcoins and threatening to leak the data if not paid within 15 days.

Despite these claims, PT KAI's website appeared normal, showing usual services like ticket reservations.

PT KAI's Vice President of Public Relations, Joni Martinus, stated there's no evidence of a data leak and assured a thorough investigation, emphasizing that all IT systems, including online ticketing, are functioning normally.

Update - The Stormous hacking group listed more data of Kereta Api Indonesia's (KAI), including

• employee details,
• customer details
• partner company details,
• tax documents
• geospatial data pertaining to the railways.

They exploited a VPN using stolen employee credentials and claim to have maintained access despite KAI's countermeasures, even installing potential backdoors. KAI disputes any data leakage, stating all systems operate securely. Stormous has published a sample of the stolen data and demanded a ransom, which KAI refuses to pay.