3.2 Million Debit Cards Compromised Following Security Breaches in India
Several Indian banks are issuing an advisory to their customers, asking them to change their security codes or replace their card following an investigation into security breaches.
As many as 3.2 million Indian debit cards could be compromised. Of those, 2.6 million are powered by Visa or MasterCard, while the remaining 600,000 cards would with the country’s own RuPay platform. It’s not clear who is behind the security breaches, but a report in the Economic Times said that customers have observed activity on their cards from China.
Those who bank with SBI, HDFC Bank, ICICI, Yes Bank and Axis are among the “worst hit,” according to the report. HDFC Bank has asked its customers to change their ATM pin numbers and are also offering new debit cards for free.
Earlier this week, the country’s top sector banking and financial services company, State Bank of India, said it had blocked the cards of certain customers because it had been warned by card network providers that there may be risks involved if the cards were used. They decided to block there cards as a precautionary measure. It has been reported that up to 625,000 cards were affected.
"Card network companies NPCI, Mastercard and Visa had informed various banks about a potential risk to some cards owing to a data breach. Accordingly, we have taken precautionary measures and have blocked cards of certain customers identified by the networks," SBI said in a statement.
The banks were alerted about the attack by Kaspersky Lab, who noted that an offshore hacker had unauthorized access to Axis’ bank servers. The bank then told Reserve Bank of India about the security breach which lead to the hiring of an audit and advisory firm, EY.
The attack comes at the end of a difficult year for financial institutions. Earlier this year, hackers stole $81 million from the central bank of Bangladesh, uncovering poor firewalls the bank had in place. The bank was connected to the SWIFT global bank.