Moh. Khory Alfarizi, Jakarta – A hacker group reportedly accessed sensitive data belonging to state-owned railway operator PT Kereta Api Indonesia (PT KAI). This was first reported by an account of social media X (formerly Twitter) under the username @TodayCyberNews on Sunday, January 14.
"A Hacker group claims to have accessed sensitive data, including employee info, customer details, and more from Indonesia's National railway company," the account tweeted as quoted on Monday, January 15.
The account also uploaded an image of PT KAI's website showing information that the site had been hacked. "You can find the general memo KAI.ID here! Price: 11.69 BTC (Bitcoins). ID: 18397815624."
The image also displayed information about PT KAI as the national railway company in Indonesia. "15 days is more than enough time for the company to discuss the ransom with us and prepare the amount. If we do not reach an agreement with the company within 15 days, we will leak all the data through our blog. (Don't forget to check this page regularly)," the image read.
@TodayCyberNews also tweeted that the hacker shared an image revealing VPN access to PT KAI's internal networks.
When Tempo checked PT KAI's website, it appeared normal and displayed information about ticket reservations and other services.
Joni Martinus, PT KAI's Vice President of Public Relations, responded to the alleged data breach issue. "Until now, there is no evidence that any data of KAI has been leaked as narrated," he said on Monday evening, January 15.
However, Joni assured that PT KAI would conduct a thorough investigation to seek the facts of the matter. He also mentioned that all IT operational systems and online ticket purchases are functioning properly.
PT KAI is also regularly working to improve its cyber security to ensure that customers can continue to enjoy train mass transportation services.
Source: https://en.tempo.co/read/1821747/kais-internal-data-allegedly-hacked-sold-using-cryptocurrenc