Hacker Bjorka, who shook Indonesia in 2022 and 2023 when the nation had yet to completely free from the Covid 19 pandemic, now returns with an X account revealing that several private and state-owned banks in Indonesia, such as BCA, BNI, BSI, Bank Mandiri and the Central Bank (BI) will be the next targets of ransomware hacker groups.
Ransomware is a type of dangerous virus or malware that is used to encrypt user data on a network device or computer device.
“@BankBCA a surprise for banks in Indonesia, if they do not respond immediately to this, then Bank BCA will experience a massive data breach,” A tweeted X account under the name Bjorka @bjorkanesiaaa, said on Wednesday, February 5, 2025.
“You say it’s not true? Okay, just wait and see what happens! We said security needs to be tightened, but they said we’re just giving facts or fake news. LoL,” Bjorka added, on Thursday, February 6, 2025.
Bjorka said that various banks such as BNI, BCA, Bank Mandiri, BSI and BI should be prepared to be the next ransomware targets. The tweet was in response to BCA denying the news of leaked script data.
Bjorka said the ransomware hacker group had 890 thousand accesses to customer data and 4.9 million BCA databases.
However, he did not specify the hacker group in question. Bjorka also said the group has access to BSI data.
The hacker also showed a screenshot showing an account with the name ‘Sky Wave’ selling data allegedly belonging to BCA customers to the dark web.
“Currently, we ensure that customer data remains safe,” Hera F. Haryn, Executive Vice President (EVP) Corporate Communication and Social Responsibility BCA said, as quoted by Katadata.co.id on Thursday, February 6, 2025.
Then, BCA appealed to customers to always be aware of various fraudulent methods that use the company’s name, with the aim of obtaining personal banking data.
In order to anticipate hacking, Hera asked customers not to share confidential information with other parties such as BCA, ID, Password, One Time Password (OTP) and Personal Identification Number (PIN).
He also reminded customers to routinely change their PINs and passwords. Meanwhile, BCA continues to strengthen its security system by implementing a multi-layered strategy and various risk mitigation efforts.
Bjorka cases
The case of Bjorka leaking information has been going on for a long time. Bjorka was also the hacker in 10 data leak cases.
This leak is thought to have originated from an application owned by the government or a state institution. Some of these cases include: Indihome customer data, the State-power utility company PLN customer data, the State-owned toll road operator Jasa Marga’s internal data, phone card data, 105 million General Elections Commission (KPU) data leaks, secret documents of President Jokowi, officials’ personal data, 26 million Indonesian Police data leaks, and MyPertamina data leak.
The data is also suspected to have been traded on one of the hacker sites. The Bjorka account claimed to have shared 2 million sample data that had been collected from 2017 to 2020. Telkomsel, Indosat, Tri, XL and Smartfren are the names of telecommunication operators revealed by Bjorka.
