BRI Life investigates alleged data leak of 2 million customers

Bank Rakyat Indonesia's (BRI) insurance division, BRI Life, is reportedly looking into allegations that the personal information of more than two million of its customers had been advertisers for sale by "unidentified hackers". Quoting cybercrime monitoring company Hudson Rock, Reuters said there was evidence found that "multiple computers belonging to BRI and BRI Life employees had been compromised".

Citing a post on database sharing and marketplace forum, RaidForums, Reuters reported that unidentified users were selling about 460,000 documents compiled from the user data of more than two million BRI Life clients for US$7,000. There was also a 30-minute video of the documents, which comprised of bank account details, and copies of Indonesian ID cards as well as taxpayer information. BRI Life CEO Iwan Pasila said the team is looking into the matter and later on, the company said it is carrying out an investigation with an independent cybersecurity team to perform digital tracing.

According to Reuters, necessary steps will also be taken to boost data protection for its users. Quoting the company's corporate secretary Ade Nasution, Reuters also said the insurer is "making maximum effort" to protect its policy holders' data. Nasution also stressed that the company has never offered personal information to any "irresponsible parties", Reuters said. MARKETING-INTERACTIVE has reached out to BRI Life for comment.

A 2021 study by IBM found that the average cost of a data breach increased by nearly 10% year-over-year to US$4.24 million, the largest single-year cost increase in the last seven years. The average cost was also US$1.07 million higher in breaches where remote work was a factor in causing the breach, compared to those where remote work was not a factor. Healthcare data breach costs, in particular, increased from an average total cost of US$7.13 million last year to US$9.23 million this year, marking a 29.5% increase.

Photo courtesy: 123RF

Related articles:
NTUC's e2i data breach puts 30k individuals' data at risk of exposure
SIA's KrisFlyer and PPS club fall prey to data breach
Personal info of about 129k Singtel customers leaked in data breach
Analysis: Why RedMart SG's data breach is unlikely to dampen Lazada's mega 11.11 bash