In what has been termed one of the biggest data breaches in the banking industry in India so far, 3.2 million debit card details have been stolen. These debit cards are understood to have been used at ATMs that are suspected to have exposed card and PIN details to malware at the back end. There are also new reports linking these hackings to cyberattacks from Pakistan post Indian Army's surgical attacks across LoC. Here's an update on the latest developments in the biggest online breach in country: A forensic audit has been ordered by Payments Council of India on Indian bank servers and systems to detect the origin of frauds that might have hit customer accounts.
CERT-In had warned banks of cyberattacks from Pakistan On October 7, CERT-In had issued a warning about 'expected targeted attacks from Pakistan', in the wake of India's counterstrike across the border following terror attacks in Jammu and Kashmir. At the time this advisory was sent, more than a month had elapsed since the first complaints stemming from the breach began streaming into banks in early September.
Who'll foot the bill? Banks or payment providers? Indian banks stung by the biggest financial data breach to hit the industry are scampering to contain the damage and compensate the affected account holders. Sources said SBI, HDFC, ICICI, Axis and Yes Bank are looking to refund money to customers or other banks.
90 ATMs hacked According to National Payment Corporation of India (NPCI), 90 ATMs have been compromised, and at least 641 customers across 19 banks have been hit. NPCI is the nodal agency that connects the country's ATMs and runs the RuPay gateway.
Total amount lost Rs 1.3 crore As per NPCI, total amount lost due to fraudulent transactions on hacked debit cards is Rs 1.3 crore.
How exactly does the malware work? Malware is malicious software in the form of viruses, worms, trojans, ransomware, spyware and other programmes. It is likely that computer systems at ATMs or bank servers were affected by malware and allowed fraudsters to access confidential debit card data.
RBI asks banks to submit report RBI has directed banks trying to plug India's biggest such data theft to submit a report on the magnitude of the security breach at their ATMs, pending a forensic report that's expected by the end of the month, said two people familiar with the development.
Banks to face penalties According to reports, banks that failed to act in time may face penalties.
7,000 websites attacked After the strikes across the border, there have been a number of attacks on various Indian websites, some reports put the number to as high as 7,000 by Pakistani hackers.
The worst-affected banks The worst-hit of the card-issuing banks are State Bank of India, HDFC Bank, ICICI Bank, YES Bank and Axis Bank. The breach is said to have originated in malware introduced in systems of Hitachi Payment Services, enabling fraudsters to steal information and allowing them to steal funds. Hitachi provides ATM, point of sale (PoS) and other services to several banks in India. Hitachi Payment Systems, which provides ATM and point of sale services, has, however, denied that the malware infection stemmed from its servers. The company, which serves more than 50,000 ATMs in the country, cited an internal audit in its defence.
Card platforms hit Of the debit cards hit by the breach, 2.6 million are said to be on Visa and Master Card platform, while 600,000 on RuPay platform. The banks, Visa and Master Card all reportedly said that their systems weren?t breached. Some said that information may have been compromised when customers used ATMs that didn?t belong to the respective banks.
Customers asked to change PINs While the banks involved are taking steps to block affected cards and replace them, some have also advised customers to change their PINs regularly so as to prevent misuse following such incidents.
HDFC Bank to customers: Avoid using other bank's ATMs HDFC Bank has reportedly already taken action in the matter some weeks back. "Besides advising those customers who we know have used a non-HDFC Bank ATM in the recent past to change (their) ATM PIN, we are advising our customers to use only HDFC Bank ATMs as we believe security controls at some of the other bank ATMs may not be at par with HDFC Bank ATMs," a Bank's spokesperson told Economic Times.
State Bank of India blocks 6 lakh debit cards State Bank of India has said that it will re-issue around six lakh debit cards to customers, which have been blocked following the malware-related security breach. The bank is also said to be blocking international transactions that can be conducted without PIN.
It seems Lenovo is planning to launch two new smartphones soon. As reported by T
Tired of working for hours at a stretch and need some break? Or maybe have way t
Soon you will able to withdraw your pension using your smartphone. Pensioners an
LG has launched a new smartphone - X Power, in India. Part of the company's X li
State-run telecom firm BSNL on Thursday signed a strategic business pact with Mi
ASUS today launched its flagship ROG GL552JX, a gaming laptop encasing macular h
One big grouse that many have with the Apple's latest laptop -- MacBook Pro -- i
Xiaomi recently launched its Mi Note 2 smartphone with a dual-curved display, al
Google's first Tango smartphone Lenovo Phab 2 Pro is not getting delayed again.
Sharp has added another smartphone - Aquos Xx3, to its line-up. Announced in Jap