32 Lac Cards Affected due to Malware Attacks Over HDFC, ICICI Bank, Axis Bank, SBI & Yes Bank

32 Lac Cards Affected due to Malware Attacks Over HDFC, ICICI Bank, Axis Bank, SBI & Yes Bank
By Admin 7 years ago

A major cyber-attack at the back-end system of a bank has suspected to compromised at least 32 lakh debit cards used in ATM that are suspected to have exposed card and PIN details to malware at the back end. The dots are slowly connecting, and what is emerging right now can be termed as India’s biggest breach of financial data ever.The worst hit banks by the breach are HDFC Bank, SBI and its subsidiaries, Yes Bank, ICICI Bank and Axis Bank. 

How did it exactly happen?

According to sources, the problem relates to the feared breach in the systems of Hitachi Payment Services, which manages the ATM network processing for Yes Bank.When a non-Yes Bank customer used that ATM, then the malware spread into other ATMs, and subsequently into the ATM Network of SBI, Axis Bank, HDFC and ICICI Bank. Yes Bank’s network was automatically infected. Of the cards affected, 600,000 cards belong to the RuPay platform while 2.6 million are believed to be on the Visa and Master-Card platform

According to bankers, the breach affected in such a way that anyone using the said bank’s ATMs in the region might stand to get affected.

Initiatives taken by the banks:

Card network companies NPCI, MasterCard and Visa had informed various banks about a potential risk to some cards owing to a data breach. Accordingly, the banks have taken precautionary measures and have blocked cards of certain customers identified by the networks.

  • As per briefing by SBI to agencies, compromise happened at payment switch from where data is being leaked. All cards that have similar digital chip series and design are being changed as precautionary measure. 
  • After asking its customers who may be potentially hit, the largest lender State Bank of India has also started a process to block the cards of those who did not change the security code at its own cost, its spokesperson said on Wednesday.
  • SBI has also generated EMV-based debit cards which cannot be compromised.
  • Some Banks have also asked their customers to change the Debit Card PIN immediately. "Dear Customer, due to security reasons, we request you to change your Debit Card PIN immediately at the nearest ICICI Bank ATM, through iMobile or through Net Banking. For details, please call Customer Care at 022-33667777," reads a message sent by ICICI Bank.
  • HDFC Bank advised to all customers: “Besides advising those customers who we know have used a non-HDFC Bank ATM in the recent past to change (their) ATM PIN, we are advising our customers to use only HDFC Bank ATMs as we believe security controls at some of the other bank ATMs may not be at par with HDFC Bank ATMs. We take this opportunity to reiterate that it’s always prudent to change ATM PINs from time to time. It prevents misuse.”
  • The concerned banks have also launched audits and security checks on war-footing and advising customers to contact them if they notice any suspicious activity on their accounts.

National Payment Council of India (NPCI), which foresees all payment related mechanism in India, has jumped into stealth mode, as some customers are complaining that they are witnessing unauthorized transactions originating from China.

An urgent forensic audit has been ordered by NPCI of all the servers belonging to all the banks in India, as they are desperately trying to understand how this intrusion happened, and how much damage has been done.

The incident has said to have compelled RBI to review its reporting framework and it has also asked many banks to immediately inform the central bank of any suspected fraud.