bankbsi.co.id
Mar 6, 2023
In March 2023, Bank Syariah Indonesia (BSI), an Indonesian state-owned Islamic bank, was breached by the LockBit 3.0 ransomware group. After the bank refused to pay the ransom, attackers publicly released over 7.4 million customer records containing names, phone numbers (MSISDN), activation codes, registration metadata, and approximately 3.1 million unique email addresses.
Data found in this dataset
Source files
Expand any file to inspect its column headers and the LLM's field-mapping reasoning, recorded during ingestion.
BankSyariahIndonesia__Info.txt34 rows
File structure
Notes: Pre-LLM auto-detection: free-form text with visible emails / phones
BankSyariahIndonesia__data__7.4M-Indonesia-bankbsi.co.id-_Bank-Syariah_-Customers-csv-2023.csv7 columns7,399,979 rows
File structure
| Source column | Mapped field | Confidence | LLM assessment |
|---|---|---|---|
| 0 | skip | high | Sequential ID numbers, internal database identifier |
| 1 | fullName | high | Contains customer names in full format (e.g., 'ALIMATUS SAHRAH', 'YUGO PURWANTO') |
| 2 | phone | high | MSISDN field contains Indonesian mobile phone numbers starting with 08 |
| 3 | skip | high | ActivationCode - internal system reference, non-PII |
| 4 | skip | high | RegisterBy - internal system identifier for registration source (e.g., 'bsmcs00901'), non-PII |
| 5 | skip | high | CreateDate - timestamp of account creation, non-PII metadata |
| 6 | high | Labeled 'email' in header, contains email addresses with @ symbol (many records have blank values) |
Notes: Bank Syariah Indonesia 2023 breach. This is a semicolon-delimited export with header row. Many email fields are blank/empty. Full names are in uppercase. Phone numbers are Indonesian MSISDN format. No passwords present in this dataset, contrary to typical 'combo list' format.