SBI, HDFC Bank, ICICI Bank, Yes Bank, and Axis Bank
Have you received an
alert from your bank recently urging you to change your ATM PIN? Turns out a
massive debit card hack has reportedly hit major Indian banks such as HDFC
Bank, ICICI Bank, Yes Bank, Axis Bank and SBI, compromising as many as 3.2
million debit cards.
According to an
Economic Times report, the hack may be
among the biggest ever financial data breaches in India with several victims
reporting unauthorized transactions that have reportedly originated in China.
SBI, HDFC Bank, ICICI
Bank, YES Bank and Axis Bank were among the worst hit, according to the report.
About 2.6 million affected cards are reportedly on the Visa and MasterCard
platform, while 600,000 are on Rupay.
In an e-mailed
statement India SBI
said, “Card network companies NPCI, MasterCard and Visa had informed
various banks in India about a potential risk to some cards in India owing to a
data breach. Accordingly, SBI has taken precautionary measures and have blocked
cards of certain customers identified by the networks.”
The statement added
that SBI’ systems have not been compromised, but the bank is in the process of
issuing new cards to card holders whose cards have been blocked.
“This is a cards
industry incident (not only SBI),” the statement added.
Times of India reported earlier that SBI is reissuing 600,000 debit cards in
addition to asking its customer to change their PINs.
A Yes Bank
spokesperson told Huff Post India in a statement the bank has “undertaken a comprehensive
review of its ATMs” and found no evidence of a breach or compromise on its
An Axis Bank spokesman
said, “the breach occurred in the case of customers who have used certain
non Axis Bank ATMs. "Over the last few weeks, Axis Bank has proactively
reached out to the affected customers and advised them to change their Debit
Card PINs. The Axis Bank ATM network is fully secured and customers should
ideally use Axis Bank ATMs to change their Debit Card PINs.”
Payments Council of
India has, meanwhile, begun a forensic audit to check into signs of financial
fraud into customer accounts. NPCI Managing Director AP Hota told ET that NPCI had received complaints from banks
about debit cards being used in China which had aroused suspicion"
HDFC Bank has also reportedly advised its customers to change its ATM pin and
only use HDFC ATMs for transactions, as non-HDFC ATMs may not have the security
controls at par with its own.
A MasterCard spokesperson said in an e-mailed statement,
“We are aware of the data compromise event. To be clear, MasterCard’s own
systems have not been breached.” The statement added it is currently
working on the investigations with regulators, issuers, acquirers, global and
local law enforcement agencies and third party payment networks to assess the
Visa has said that
while it doesn’t currently process domestic debit ATM transactions in India, it
is working closely with all networks and its financial institution partners to
support with the investigations. It also urged Visa cardholders to report any suspicious
activity and change PIN numbers as a precautionary measure.
The breach is said to
have originated through a malware that was introduced in the systems of Hitachi
Payment Services, a provider of ATMs and Point of Sale services. Hitachi
couldn’t be reached for comment.
ICICI, Axis Bank, and HDFC, weren’t immediately available for comment.
Note: This story has been updated to include additional comments
from MasterCard, Visa and Axis Bank.
Get Financial Planning done for free of cost; educate yourself
on 48+ Financial Products available in the market on call for free.
Get free financial advisory by giving a Missed
Call on 022 – 62116588
Visit us at: moneymindz.com/