BASHE Ransomware Allegedly Leaked ICICI Bank Customers Data

A major cyber threat looms over Indian financial giant ICICI Bank as the notorious BASHE ransomware group, also known as Eraleign (APT73), claims responsibility for a significant data breach.

The group has allegedly obtained sensitive customer information and set a ransom deadline for January 24, 2025.

The Claim

The revelation surfaced during independent research conducted on dark web forums, where BASHE published statements asserting they had breached ICICI Bank’s internal systems.

According to the Cyber Security News report, the breach compromised a vast trove of private and financial customer data, potentially including personally identifiable information (PII), account details, and banking records.

Although the group has not specified the exact volume or nature of the data stolen, the claims have raised concerns about the security of one of India’s most prominent multinational financial institutions.

Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free

ICICI Bank’s Response

As of now, ICICI Bank has not publicly acknowledged the breach or validated these claims. The organization has neither issued an official statement nor disclosed any incidents related to unauthorized access or ransomware attacks.

Without confirmation from the bank, the authenticity of BASHE’s claims remains uncertain.

ICICI Bank customers are advised to monitor their accounts vigilantly for any unauthorized transactions or suspicious activity.

Those concerned about data security should consider resetting passwords and enabling additional layers of protection, such as two-factor authentication (2FA), if not already implemented.

The BASHE ransomware group, operating under the alias Eraleign (APT73), has been among the most active and sophisticated cyber threat actors in recent years.

Known for targeting critical infrastructure, government institutions, and financial organizations worldwide, the group typically employs ransomware to encrypt sensitive files and demands hefty ransoms in exchange for decryption keys.

In this case, BASHE has reportedly issued a ransom deadline, suggesting that ICICI Bank must comply with their demands by January 24, 2025, to avoid the public release of compromised data.

The alleged breach and its implications are solely based on dark web research and unverified claims made by the BASHE group. Until ICICI Bank confirms or denies the incident, the information should be considered speculative.

This event raises serious questions about cybersecurity readiness in the financial sector, especially with ransomware attacks becoming more frequent and destructive.

Customers and financial institutions alike are reminded of the importance of staying vigilant against evolving cyber threats.

Integrating Application Security into Your CI/CD Workflows Using Jenkins & Jira -> Free Webinar