In one of India’s largest data breach, hackers got hold of around 32 lakhs or 3.2 million Indian debit card details. Cards from all major Indian banks are affected in the hack and include State Bank of India, HDFC, ICICI, YES Bank and Axis Bank.
Of the debit cards stolen, around 2.6 million cards are on Visa and MasterCard platforms, while 600,000 are on India’s own RuPay platform. Several customers have reported unauthorised usage of their debit cards from locations in China.
The data breach is believed to have taken place several weeks ago. It isn’t yet clear who is behind the attack, but the breach originated in malware injected in systems of Hitachi Payment Services. Hitachi is one of the biggest suppliers of ATM, point of sale (PoS) and other banking services.
The banks have already started blocking the affected debit cards and have asked other customers to change ATM PIN numbers at the earliest. SBI said to have blocked and started reissuing around six lakh debit cards.
HDFC Bank has also taken proactive steps to tackle the issue. The bank is advising its customers to change their ATM PIN at the earliest and to use only HDFC Bank ATMs to withdraw money.
A forensic audit has now been ordered by Payments Council of India on Indian bank servers and systems. This been done to detect the origin of a hack. The audit will be conducted by Bengaluru-based payment security specialist SISA.
This post was last modified on February 9, 2017 10:20 pm