Calamity Strikes Punjab National Bank, Again: Sensitive Data Hacked!
The data hack was first reported by CloudSek Information Security, a data transactions monitoring firm registered in Singapore.
Punjab National Bank has once again found themselves on the wrong side of the news. After a massive scam of Rs 11,000 crore, hit them last week, they are now facing a data hack, quite serious in nature.
Rs 11,000 crore is 8-times their annual profits, and the investigation is still on.
The recent data breach of 10,000 bank customers have been confirmed by PNB, and another enquiry has been initiated.
It seems everything is going wrong for PNB these days.
Punjab National Bank Sensitive Data Leaked
The data hack was first reported by CloudSek Information Security, a data transactions monitoring firm registered in Singapore, but operates in Bengaluru.
As per their monitoring, they recorded some sensitive bank related data being sold on the dark web, and on further research, they found this from PNB.
Chief technical officer Rahul Sasi said,
“We have a crawler that is deployed in the dark/deep web. These are sites on the internet which are not indexed by Google or other major search engines. They are used to buy and sell sensitive data illegally,”
As per Rahul, data pertaining to PNB Credit Cards was mainly stolen and sold on the dark web.
Data types which were stolen are: Names, Expiry Dates, Personal Identification Numbers and Card Verification Values.
Reportedly, there were two sets of data which were stolen: One with CVV number, and the other without CVV number. The last date stamp on the data was January 29th, 2018, which indicates that the data was recently stolen.
PNB Admit Data Breach
PNB’s Chief Information Security Officer T.D. Virwani has confirmed that the data was breached, and as per him, PNB is collaborating with Govt. agencies to ‘contain the fallout from the release of the data.’
In 2016, a massive malware attack compromises security systems of almost all the major banks. Around 32 lakh debit and credit cards from HDFC, ICICI Bank, Axis Bank, SBI & Yes Bank were infected with malware, which prompted them to re-issue cards.
SBI had to block 6 lakh debit cards, and it causes major chaos all over the nation. Axis Bank had to hire EY to access the damage.
Last year, in a major embarrassment to some of the leading Govt. organizations in the country, it was found that sensitive data from UIDAI, BSE, RBI, ISRO was found available at the dark web for buying.
We will keep you updated, as we receive more information on the data breach, and what security mechanisms will banks employ now.