Several Indian banks have taken drastic steps in response to a security breach that may have compromised up to 3.25 million debit cards—or 0.5% of the approximately 700 million debit cards that Indian banks have issued.
The financial institution is Hitachi Payment Services, a subsidiary of Hitachi Ltd. that oversees ATM network processing for Yes Bank Ltd., according to banking industry insiders.
After that, the State Bank of India quickly disabled a few clients' debit cards, and it was currently replacing those cards to stop fraud.
The top three private sector lenders, ICICI Bank, HDFC Bank, and Axis Bank, each stated in separate announcements that there may have been card account breaches following usage at non-bank ATMs.
Additionally, certain consumers' debit cards are being reissued by Standard Chartered's Indian division.
Source: https://securityaffairs.com/52572/data-breach/indian-banks-breach.html
TPRM report: https://scoringcyber.rankiteo.com/company/state-bank-of-india
"id": "sta173651123",
"linkid": "state-bank-of-india",
"type": "Breach",
"date": "10/2016",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'customers_affected': '3.25 million',
'industry': 'Finance',
'location': 'India',
'name': 'Hitachi Payment Services',
'type': 'Financial Institution'},
{'industry': 'Finance',
'location': 'India',
'name': 'Yes Bank Ltd.',
'type': 'Bank'},
{'industry': 'Finance',
'location': 'India',
'name': 'State Bank of India',
'type': 'Bank'},
{'industry': 'Finance',
'location': 'India',
'name': 'ICICI Bank',
'type': 'Bank'},
{'industry': 'Finance',
'location': 'India',
'name': 'HDFC Bank',
'type': 'Bank'},
{'industry': 'Finance',
'location': 'India',
'name': 'Axis Bank',
'type': 'Bank'},
{'industry': 'Finance',
'location': 'India',
'name': 'Standard Chartered',
'type': 'Bank'}],
'attack_vector': 'Compromised ATM Network',
'data_breach': {'number_of_records_exposed': '3.25 million',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Debit Card Information'},
'description': 'Several Indian banks have taken drastic steps in response to '
'a security breach that may have compromised up to 3.25 '
'million debit cards, or 0.5% of the approximately 700 million '
'debit cards that Indian banks have issued.',
'impact': {'data_compromised': 'Debit Card Information',
'operational_impact': 'Reissuance of Debit Cards',
'systems_affected': 'ATM Networks'},
'initial_access_broker': {'entry_point': 'Non-bank ATMs'},
'motivation': 'Fraud',
'post_incident_analysis': {'corrective_actions': 'Reissuance of Debit Cards',
'root_causes': 'Compromised ATM Network '
'Processing'},
'response': {'containment_measures': 'Disabling Debit Cards, Reissuing Debit '
'Cards'},
'title': 'Debit Card Breach Affecting Multiple Indian Banks',
'type': 'Data Breach',
'vulnerability_exploited': 'ATM Network Processing'}