India’s One Of Its Largest Data Breaches Ever, 3.2 Million Debit Card Details Stolen


Short Bytes: Hitachi Payments Services, which provides ATM and PoS services in India, has been hit by one of the biggest financial data breaches in the country. Around 3.2 million debit cards have been compromised and victims have reported unusual transactions happening in China. A Bangalore-based firm has been called for a forensic investigation.

The Indian soil has been affected by one of the worst cyber floods in the nation’s history. The Economic Times (ET) has reported that around 3.2 million debit cards have been compromised. These cards are mainly issued by State Bank of India (SBI), Axis Bank, ICICI Bank, Yes Bank and HDFC Bank.

Out of the 3.2 million, 2.6 million cards belong to VISA and MasterCard platforms. The rest 600,000 cards are on RuPay, a domestic card scheme launched by the National Payments Corporation of India.

The report suggests that security breach has emerged due to a malware present in the Hitachi Payment Services’ systems. The company facilitates ATM, PoS, and other services. This malware enabled the attackers to steal confidential information.

“We have received complaints from banks about debit cards being used in China which aroused suspicion,” said AP Hota, Managing Director NPCI.

“Though most of the suspected fraudulent transactions happened in the Visa and MasterCard network, we thought a whole a forensic audit of the entire network will help us find out where the compromise happened.”

The fact that MasterCard and VISA are more affected than RuPay might be a consequence of the higher popularity and reach of the former two.

HDFC, one of the affected banks, has updated its customers with security measures. The users have been advised to change their PIN regularly and refrain themselves from using non-HDFC ATMs.

SBI, another affected bank, is doubting the security aspects of non-SBI ATM service providers based on user complaints. The bank has blocked 600,000 cards as a precautionary measure.

A payment security specialist firm SISA has been appointed for the forensic investigation of the security breach. ET, claiming sources, has reported that it took around six weeks to detect the malware infection.

Source: The Economic Times

If you have something to add, tell us in the comments below.

Also Read: Symantec Shows How A $15 Device Can Be Used To Hack The U.S. Presidential Election

Similar Posts