In an ID-hosted ransomware/extortion claim, Triple X alleged it exfiltrated and would leak customer and identity records from Bni.co.id (Bank of Indonesia), including contracts, passports, and ID cards covering 2024–2026, with a stated total data volume of ~2 TB. The threat includes leaked sample data and a promised full-pack release via onion/forums, with the impacted country(s) listed as #Indonesia.
Incident Details
- Victim: Bni.co.id bank of indonesia free data.
- Sector: Financial Services
- Country: ID
- Actor: Triple X
- Source: http://6qqz6m3b6htudohg2mlf5gdcalonxy3sh5g4dix4mpyirjcgelqqufad.onion/bni.co.id/
- Discovered: 2026-06-13T10:07:57.123771+00:00
- Published: 2026-05-11T00:00:00+00:00
Information
- Customer information from 2024 to 2026
- All customer contracts, passports, and ID cards, with several attached sample images
- Claims the bank has a severe security weakness
- Total data size is 2 TB
- Part 1 is around 100 GB
- Free download is available via an .onion link protected by a password
- Additional parts are expected to be leaked later
- Offers the full package through private contact in a forum
- Also advertises the sale of fresh 2026 data via private message
Disclaimer: This post is based on public claims made by the ransomware group "Triple X". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.