Several Indian banks have taken drastic steps in response to a security breach that may have compromised up to 3.25 million debit cards—or 0.5% of the approximately 700 million debit cards that Indian banks have issued.
The financial institution is Hitachi Payment Services, a subsidiary of Hitachi Ltd. that oversees ATM network processing for Yes Bank Ltd., according to banking industry insiders.
After that, the State Bank of India quickly disabled a few clients' debit cards, and it was currently replacing those cards to stop fraud.
The top three private sector lenders, ICICI Bank, HDFC Bank, and Axis Bank, each stated in separate announcements that there may have been card account breaches following usage at non-bank ATMs.
Additionally, certain consumers' debit cards are being reissued by Standard Chartered's Indian division.
Source: https://securityaffairs.com/52572/data-breach/indian-banks-breach.html
TPRM report: https://scoringcyber.rankiteo.com/company/axis-bank
"id": "axi173851123",
"linkid": "axis-bank",
"type": "Breach",
"date": "10/2016",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'customers_affected': 3250000,
'industry': 'Financial Services',
'location': 'India',
'name': 'Hitachi Payment Services',
'type': 'Financial Institution'},
{'industry': 'Financial Services',
'location': 'India',
'name': 'Yes Bank Ltd.',
'type': 'Financial Institution'},
{'industry': 'Financial Services',
'location': 'India',
'name': 'State Bank of India',
'type': 'Financial Institution'},
{'industry': 'Financial Services',
'location': 'India',
'name': 'ICICI Bank',
'type': 'Financial Institution'},
{'industry': 'Financial Services',
'location': 'India',
'name': 'HDFC Bank',
'type': 'Financial Institution'},
{'industry': 'Financial Services',
'location': 'India',
'name': 'Axis Bank',
'type': 'Financial Institution'},
{'industry': 'Financial Services',
'location': 'India',
'name': 'Standard Chartered',
'type': 'Financial Institution'}],
'attack_vector': 'Compromised ATM network processing',
'customer_advisories': 'Reissuing of debit cards',
'data_breach': {'number_of_records_exposed': 3250000,
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Debit card information'},
'description': 'Several Indian banks have taken drastic steps in response to '
'a security breach that may have compromised up to 3.25 '
'million debit cards—or 0.5% of the approximately 700 million '
'debit cards that Indian banks have issued.',
'impact': {'brand_reputation_impact': 'Negative impact on customer trust',
'data_compromised': 'Debit card information',
'identity_theft_risk': 'High',
'operational_impact': 'Reissuing of debit cards',
'payment_information_risk': 'High',
'systems_affected': 'ATM network processing systems'},
'initial_access_broker': {'entry_point': 'ATM network processing'},
'motivation': 'Financial Gain',
'post_incident_analysis': {'corrective_actions': 'Reissuing debit cards'},
'response': {'communication_strategy': 'Public announcements by affected '
'banks',
'containment_measures': 'Disabling affected debit cards',
'incident_response_plan_activated': 'Yes',
'remediation_measures': 'Reissuing debit cards'},
'title': 'Security Breach Compromises 3.25 Million Debit Cards in India',
'type': 'Data Breach',
'vulnerability_exploited': 'ATM network processing'}