In the latest case, the personal details of up to 2 million clients of BRI Life, the insurance arm of state lender Bank Rakyat Indonesia (BRI), were exposed on the internet and advertised for sale by unidentified hackers.

The breach was reported by Alon Gal, chief technology officer of cybercrime intelligence firm Hudson Rock, in his Twitter account @UnderTheBreach on July 27. In his tweet, he posted screenshots of an online forum thread showing the attempted sale of up to 250 gigabytes of BRI Life’s customer data, including details on insurance policy statements and copies of ID cards.

The seller reportedly offered the data for about Rp 100 million (US$7,000).

Reuters reported that Hudson Rock had found evidence that showed that the breach was likely made possible due to compromised employee computers at both BRI Life and BRI.

BRI Life corporate secretary Ade Ahmad Nasution said the hacker had gained access to the BRI Life Sharia Insurance data system, which held the details of around 25,000 individual sharia insurance policies, but added that it did not affect the data of other companies within the BRI group.

“This incident had no effect on other BRI customers and other companies within the BRI group,” Ade said on July 29 as quoted by Kontan.

Popular

The fragile promise of pluralism, religious freedom in Southeast Asia

Furniture exporters decry new quarantine rule

BRICS shows internal rifts as ministers fall short of joint statement