Bank Pembangunan Daerah Banten Tbk: Victim of RansomHouse Cyber Extortion

Incident Date: Apr 23, 2024

Attack Overview
VICTIM
Bank Pembangunan Daerah Banten Tbk PT
INDUSTRY
Finance
LOCATION
Indonesia
ATTACKER
Ransomhouse
FIRST REPORTED
April 23, 2024

RansomHouse Targets Bank Pembangunan Daerah Banten in Cyber Extortion Scheme

Attack Overview

The ransomware group RansomHouse has claimed responsibility for a cyber attack on PT Bank Pembangunan Daerah Banten Tbk (Bank Banten), a regional development bank in Indonesia. The attack involved the exfiltration of approximately 450 GB of data from the bank's systems. Initial reports indicate that sensitive information may have been leaked online.

Company Profile

Bank Banten, established in 1992, operates as a key financial institution in the Banten province, focusing primarily on micro-enterprises and small to medium enterprises (SMEs). With 829 full-time employees, the bank plays a crucial role in the regional economic development by providing financial services tailored to local needs. The bank is a subsidiary of PT Banten Global Development.

Targeting and Vulnerabilities

The choice of Bank Banten as a target by RansomHouse can be attributed to several factors. As a regional bank with significant local influence, it holds a wealth of sensitive financial data that is attractive to cybercriminals. Furthermore, the transition phases in its history, including name and ownership changes, might have introduced vulnerabilities in its cybersecurity practices, making it a more feasible target for such sophisticated attacks.

RansomHouse's Modus Operandi

RansomHouse distinguishes itself from other cybercriminal groups by not encrypting the victim's data but instead threatening to leak it unless a ransom is paid. This method of operation not only causes immediate disruption but also poses a long-term reputational risk to the victims, compelling them to comply with the ransom demands to safeguard their client's data.

Sources

Disclaimer

The Halcyon Attacks Lookout Database is compiled using publicly available information based on the hosting choices of real-world threat actors and data from a variety of trackers. This information is provided in accordance with principles of fair use. Halcyon has made reasonable efforts to sanitize and verify the data; however, we do not guarantee the accuracy, completeness, or reliability of the information provided. Updates to the database are made as new source data becomes available from reputable sources.  By accessing, viewing, or using the information within the Halcyon Attacks Lookout Database, you acknowledge and agree to do so entirely at your own risk. No reliance should be placed upon the information for decision-making, and Halcyon disclaims all liability for any inaccuracies or omissions in the data.

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

1
2
3
Let's get started
1
1
2
3
1
1
2
2
3
Back
Next
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.