The dots are slowly connecting, and what is emerging right now can be termed as India’s biggest breach of financial data ever. 32 lakh debit cards from HDFC, ICICI Bank, Axis Bank, SBI and Yes Bank have been compromised.
Most probably, banks would ask their all customers to either change ATM passwords or issue them new ATM cards, based on the severity of the issue.
In case you are a debit card holder, and a account holder with any of these above banks, then immediately change your ATM password and contact your bank regarding further instructions.
What Exactly Happened?
As per emerging reports, a malware somehow creeped into a Yes Bank ATM, which was maintained and supported by Hitachi Payments Service. When a non-Yes Bank customer used that ATM, then the malware spread into other ATMs, and subsequently into the ATM Network of SBI, Axis Bank, HDFC and ICICI Bank. Yes Bank’s network was automatically infected.
We had reported yesterday about this malware and the subsequent threats which include illegal transfer of funds, stealing sensitive financial data and other malicious activities. We had described the incident as a ‘chaos’, as we anticipated that around 6-10 lakh debit cards were infected with this malware.
But the chaos is now turning out into India’s biggest breach of financial data, involving India’s 4 biggest banks and millions of customers. Out of 32 lakh debit cards and accounts which are under malware attack, 26 lakh belong to either Visa or Master Card platform and the rest on RuPay.
The Threat Is Real – NPCI Jumps Into Stealth Mode
National Payment Council of India (NPCI), which foresees all payment related mechanism in India has jumped into stealth mode, as some customers are complaining that they are witnessing unauthorized transactions originating from China.
An urgent forensic audit has been ordered by NPCI of all the servers belonging to all the banks in India, as they are desperately trying to understand how this intrusion happened, and how much damage has been done.
NPCI Managing Director AP Hota said: “We have received complaints from banks about debit cards being used in China which aroused suspicion. Though most of the suspected fraudulent transactions happened in the Visa and MasterCard network, we thought a whole a forensic audit of the entire network will help us find out where the compromise happened..”
The concerned banks have also launched audits and security checks on war-footing, and advising customers to contact them if they notice any suspicious activity on their accounts.
As we reported yesterday, SBI has decided to replace 6 lakh cards. SBI Chief Information Officer Mrutyunjay Mahapatra said, “..As a precautionary measure, we have blocked six lakh debit cards. We have assured our customers that there has not been any breach on the ATM network of SBI.”
In a statement, HDFC Bank advised to all customers: “Besides advising those customers who we know have used a non-HDFC Bank ATM in the recent past to change (their) ATM PIN, we are advising our customers to use only HDFC Bank ATMs as we believe security controls at some of the other bank ATMs may not be at par with HDFC Bank ATMs. We take this opportunity to reiterate that it’s always prudent to change ATM PINs from time to time. It prevents misuse.”
Visa, Master Card, Yes Bank, ICICI Bank and Axis Bank hasn’t yet issued any advisory or statement.
We will keep you updated as more details come in.."HDFC, ICICI Bank, Axis Bank, SBI & Yes Bank Worst Hit With Malware Attacks; 32 Lakh Cards Compromised",