Malware Security
The malware security breach is the worst ever known security breach for the banks in India

The gap in malware security may have compromised more than 3M debit cards issued by Indian banks

A malware security breakdown exposed 3.2 million debit cards issued by India’s biggest banks (the actual number could be much higher). Most of these cards were issued by the State Bank of India (SBI), HDFC Bank, Yes Bank and ICICI Bank. Of the 3.2 million, 2.6 million are Visa and MasterCard cards and 600K are on the RuPay platform.

Top officials of the National Payments Corp of India (NPCI) said the investigation into the malware security hack on Hitachi Payment Services is in its initial stages, so they can’t really evaluate the damage yet.

The malware security breach is the worst ever known security breach for banks in India. The hack is suspected of exposing debit cards and their PINs. Considering that the malware had impacted the back end quite some time ago, the banks are making efforts to control the damage. There is no report yet on the extent of the damage caused. SBI will reissue debit cards to customers who had used their card at suspected networks, and other banks have asked customers to change their ATM PINs to prevent further damage.

Malware is software designed to intrude into computer systems. “The basic nature of malware is that it spreads after the first attack,” explains Vidit Baxi, director of technology at Lucideus, a cyber security company.

The breach originated in malware introduced in the Hitachi Payment Services system. This leads to data being compromised, which poses the danger of theft. Hitachi is the provider of the ATM machines and the POS machines.

“This happened a month ago and a couple of private banks have informed us of the security breach,” said Loney Antony, MD, Hitachi Payment Services.

“Some 3.2 million cards have been suspected to be compromised. As a precautionary measure, all banks have blocked the cards and have asked customers to change the PIN or hotlist the card and re-apply at the branch,” an NPCI official said.

MasterCard has not encountered any fraudulent use on these cards yet, but Visa said it has been informed that some of these accounts have been fraudulently used for overseas transactions.

Until now, incidents of ATM fraud involved criminals tricking users into giving up their information, rigging a particular ATM machine, or using hidden cameras to learn the PIN. The latest cyber attack is most likely the most sophisticated attack on Indian banks.

The chain of events

  1. The backend of AXIS bank was based on Hitachi Payment Services, and the hack occurred there.
  2. AXIS bank was notified by a Kaspersky Lab engineer that its malware security was breached.
  3. AXIS bank found an unauthorized entry to its backend from an anonymous hacker.
  4. AXIS announced that there has been no monetary loss.
  5. Some customers have reported transactions on their cards in China.

How should customers protect themselves?

Customers should change their debit card PIN immediately. For extra security, they should also change the passwords for bank applications and online accounts where they used their cards to pay.

Who is more responsible? The Banks or The Credit Card Platforms?

“The ultimate liability in such cases is something that is very complicated to be found out. It depends on the operating guidelines of the regulator and also on the understanding between the acquiring bank (which runs the ATM) and the issuing bank,” said Loney Antony, managing director at Hitachi BSE Payment Services.

When the extent of the damage is evaluated, the accountabilities will be discussed again.

More here [hindustantimes] and [bgr] and [economictimes]
