Bank Data Breaches: Expert Insights on Cybersecurity Risks and Prevention

Recent reports regarding data breaches involving several banking institutions have sparked widespread public concern. However, digital security expert Syahraki Syahrir asserts that Indonesia’s banking sector maintains some of the most robust security systems in the country, particularly among major financial institutions.

As the CEO of Veda Praxis, a firm specializing in digital consulting and cybersecurity, Syahraki explains that the banking industry is currently the most mature sector in managing information technology (IT) security. He notes that regulators in Indonesia have long enforced stringent requirements for banking information systems, ensuring that oversight is conducted through multiple layers by various authorities, including the Financial Services Authority (OJK), Bank Indonesia, the National Cyber and Crypto Agency (BSSN), and the Ministry of Communication and Digital.

“These regulators consistently elevate security standards for banks while actively providing education to the public and industry players,” said the expert, who is affectionately known as Raki, on Saturday (May 23).

Addressing the circulation of alleged data breaches on the dark web, Raki advises the public against unnecessary panic. He describes the dark web as an unindexed segment of the internet often used for unregulated activities, where the validity of leaked data remains unverified. Furthermore, he explains that modern digital ecosystems are highly interconnected; banking systems often link to third-party technology providers and infrastructure partners. Consequently, data appearing on the dark web does not necessarily originate from a bank’s core system.

“Even if the data on the dark web is authentic, we must investigate its source. It could have originated from a third party linked to a bank’s service. Therefore, we should not immediately conclude that the bank’s security is weak. Public alarm is simply higher regarding banks because people’s finances are directly at stake,” Raki added.

OJK Urges Public to Protect Personal Data

In a separate statement, Friderica Widyasari Dewi, Chair of the Board of Commissioners at the OJK, emphasized that despite layered security protocols, public vigilance remains essential. She warned that even with robust protections, financial crimes can still occur if customers are negligent in safeguarding their private information.

“While banks have implemented multi-layered security and ensure strict compliance with personal data protection regulations, crimes can still happen if customers are not cautious or fail to keep their personal information confidential,” Friderica stated, as quoted by Antara.

She further noted that the risk of cybercrime in the financial sector is escalating as digital criminals become more sophisticated, often targeting individuals with limited digital and financial literacy.

Echoing these sentiments, Raki added that the rise in cybercrime is an inevitable consequence of the increasing complexity of daily digital integration. He urges the public to heighten their caution when interacting in digital spaces. Specifically, he advises against disclosing sensitive information via phone calls, instant messaging, or other digital media, even when approached by someone claiming to represent a bank.

“Passwords, PINs, and OTPs should never be shared with anyone. If any party requests sensitive data via phone or digital messaging, you must be immediately suspicious,” he warned.

Ultimately, Raki emphasizes the importance of cultivating a culture of caution in daily digital activities. He encourages the public to verify any requests or information received through digital channels before taking action. “In this era, we must be extra careful. Do not easily trust calls, messages, or links claiming to be from specific parties, including banks. When in doubt, conduct your transactions and communications directly through official applications or visit a physical bank branch,” Raki concluded.