Home page logo

dataloss logo Data Loss mailing list archives

Bumi e-mail hacks show security flaws
From: Erica Absetz <eabsetz () opensecurityfoundation org>
Date: Wed, 13 Feb 2013 14:19:07 -0500


An expert says that the recent hacks of e-mail accounts belonging to
coal miner PT Bumi Resources show that Indonesia is still lagging in

An investigation conducted by Narliswandi “Iwan” Piliang and digital
forensic analysts Agung Harsoyo and Insan Praja in January determined
that hackers from an international network broke into the secure
servers of Bumi Resources to steal data.

“We found a form of malware inserted by the hackers on the Bumi
employee’s computer through the web and e-mails. The virus was sent by
a company using the Internet domain venturaservice.net addressed in
Rotterdam, the Netherlands,” Iwan said on Tuesday.

Iwan said that he reported the results of his investigation to the
National Police for investigation.

“The hacker is operating its business from overseas; therefore, we
need to cooperate with the authorities,” Iwan said.

“We suspect that several foreign corporations have used foreign
agencies to hack data from Indonesian companies. The purpose seems to
be to allow for expansion of their businesses here.”

Bumi has been under the spotlight after its majority shareholder,
London-listed Bumi plc, launched last year an investigation over
reported financial irregularities that the firm declined to make
public, claiming that illegal methods, including hacking, were used to
conduct the investigation.

The investigation sparked a dispute between major Bumi plc shareholder
Bakrie Group, which owns indirectly a 23.8 percent stake in the
company, and company founder Nathaniel Rothschild, who currently holds
a 14 percent stake.

They have been slated to resolve the dispute in an extraordinary
general meeting scheduled to take place on Feb.21, when, Rothschild is
expected to attempt to fire Bakrie-connected Bumi plc directors. (ebf)
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list


Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges. 

  By Date           By Thread  

Current thread:
  • Bumi e-mail hacks show security flaws Erica Absetz (Feb 13)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]