NEW DELHI: The largest data breach to have hit the Indian banking industry has prompted the Union Finance Ministry to demand all relevant details from the banks affected and details on the steps being taken, and need to be taken, to prevent such incidents.
The department of financial services has queried the Indian Banks Association on the implications of such a data breach. “We have got information from SBI that PIN (Personal Identification Number) related with few debit cards has been compromised and the bank is in the process of replacing it with new card in secured manner,” the sources said.
The reaction follows reports of a data breach originating on financial services provider Hitachi Payments Systems (which provides services to Yes Bank.) Bankers say the breach took place in such a way that anyone using the said bank’s ATMs in the region might be vulnerable.
Hitachi Payment Services, however, has maintained its system was not compromised, citing interim report by an external audit agency appointed by it.
The incident has prompted several major banks in both the public and private sectors to reach out to customers and ask them to change their PIN (Personal Identification Numbers) immediately or even blocked and recalled cards that have been made vulnerable.
The number of debit/credit cards affected have reached more than 32 lakh. The largest single data breach in modern Indian banking history.
Even before news of the breach was made public, banks had begun informing customers to change their PINs immediately.
State-run lender State Bank of India has reportedly recalled 6 lakh affected cards, while private sector banks like ICICI Bank, Axis Bank, HDFC Bank and Yes Bank asked customers to change their ATM PINs. HDFC Bank also advised its customers to use its own ATMs for carrying out any transaction. Other public sector banks like Bank of Baroda, IDBI Bank, Central Bank and Andhra Bank have also replaced debit cards of several customers as a pre-emptive measure.
Of the cards affected in the breach, 81 per cent were on the Visa or Mastercard platforms. 6 lakh were RuPay cards.