Massive Data Breach at PT Bank Central Asia, Indonesia – Millions of Records Compromised

Attack Description :

In a shocking incident that has sent ripples through the financial industry, PT Bank Central Asia Tbk, one of Indonesia’s largest banks, has fallen victim to a massive data breach. The breach, involved the unauthorized exfiltration of a staggering 6,422,137 records containing personally identifiable information (PII) of individuals who had applied for credit card services through the bank’s portal.

According to cybersecurity experts, the breach was traced back to a threat actor known as “TA pentagram.” This ominous figure recently surfaced on the dark web’s notorious Breachforums, where they allegedly put the stolen database up for sale. The compromised information reportedly includes names, addresses, contact details, and other sensitive data of applicants.

The breach is believed to have occurred on July 22, 2023, when the attacker managed to infiltrate PT Bank Central Asia’s web portal ( The bank has since initiated an urgent investigation to ascertain the extent of the compromise and the vulnerability exploited by the attackers.

Authorities have been notified, and the bank is cooperating fully with law enforcement agencies to track down the perpetrators and bring them to justice. A spokesperson from PT Bank Central Asia reassured customers that they are taking the matter very seriously and are committed to implementing additional security measures to prevent such incidents in the future.

In light of the breach, affected individuals are being strongly urged to monitor their financial accounts closely for any suspicious activities. Experts are advising potential victims to change their passwords for all online accounts and enable two-factor authentication to enhance security.

The breach highlights the pressing need for robust cybersecurity practices within the financial sector and underscores the ever-evolving threats posed by cybercriminals. Industry leaders and authorities are now calling for more stringent data protection measures to safeguard customers’ personal information and prevent similar incidents from recurring.

As the situation continues to unfold, concerned parties are advised to stay informed through official updates from PT Bank Central Asia and other reliable sources. Additionally, customers who believe their data may have been compromised are urged to contact the bank directly for further assistance.

This breach serves as a stark reminder of the importance of cybersecurity vigilance in an increasingly digital world, where sensitive information is vulnerable to sophisticated cyber threats. As investigations proceed, the financial industry as a whole will undoubtedly be reviewing and reinforcing their security protocols to prevent such breaches from tarnishing trust and causing financial harm to their valued customers.


Take Away: By implementing these mitigations and maintaining a proactive security stance, organizations can significantly reduce the risk of unauthorized access and data breaches, safeguarding their critical assets and data from potential threats. Disclaimer : The information provided herein is on “as is” basis, without warranty of any kind.