BianLian Ransomware Group Leaks Smartfren Telecom's Sensitive Data in Public After Ransom Demand Unmet

 BianLian Ransomware Group Leaks Smartfren Telecom's Sensitive Data in Public After Ransom Demand Unmet

In a recent development, the identity of the victim of last month's August cyberattack by the BianLian Ransomware group targeting an Asian telecom giant has been unveiled. The victim company is none other than Smartfren Telecom.

It appears that Smartfren opted not to meet the ransom demands set by the BianLian ransomware gang, leading to the public disclosure of both the victim's name and the pilfered data.

The data claimed by the BianLian ransomware gang in their attack on Smartfren amounts to a substantial 1.2 terabytes. This vast trove of data encompasses a wide range of sensitive information, including personal data, accounting records, budgetary details, financial data, technical data, contract information, non-disclosure agreements (NDAs), accident reports, files from the CFO's personal computer, operational and business files, as well as email and message archives.

These developments closely mirror the information previously detailed in Cyberdefenseinsight's August report on the Ransomware Strikes Asian Telecom Giant incident at Smartfren.

In their current data release, the BianLian ransomware group has provided specific data sets that can be downloaded by other threat actors. Furthermore, they have disclosed the email address of Smartfren's CEO, "Alim Gunadi," along with contact information, including business email and personal mail belonging to Smartfren's Chief Information Officer (CIO), Ashish Kalay.

Figure 1: Data tree smartfren exposed by BianLian

Upon examining the sample data tree shared by the BianLian ransomware group, it becomes evident that the root of the compromised data lies within the Accounting and Business Email Compromise (BEC) Division, which contains sensitive internal reports.

Since Smartfren was first listed as a victim of the BianLian ransomware attack back in August, there has been no official statement from the company regarding the attack or the subsequent data leak.

These ongoing developments continue to raise concerns as Smartfren grapples with the aftermath of the cyberattack and the exposure of their sensitive data. Stay tuned for further updates as this shocking story unfolds.