Bank Syariah Indonesia

Bank Syariah Indonesia (BSI), headquartered in Indonesia, endured a severe ransomware attack on May 8, 2023, attributed to the LockBit criminal group. The incident involved the theft of 1.5 terabytes of personal and financial data, compromising the information of approximately 15 million customers and employees. This breach precipitated significant operational disruptions, forcing the bank to take several of its service channels offline to contain the incident. Following the collapse of ransom negotiations, LockBit publicly leaked the exfiltrated data and accused BSI of initially mischaracterizing the service outages as routine maintenance. The attack highlighted the acute vulnerability of major financial institutions to sophisticated ransomware operations and the extensive potential for data exposure.

Indonesian authorities were immediately notified and assumed an active role in the subsequent investigation and the restoration of BSI's services. Their involvement focused on mitigating further damage, supporting recovery efforts, and pursuing the perpetrators behind the cyberattack. The public dissemination of sensitive personal and financial information substantially increased risks for the affected individuals, including threats of fraud and identity theft. This event has drawn regulatory and sector-wide attention to cybersecurity resilience within Indonesia's banking industry. The coordinated response between BSI and national authorities exemplifies the necessary collaboration for addressing large-scale cyber incidents in the financial domain.