Debit Card Hack: 3.2 Million ATM Cards Of Major Indian Banks Compromised By Malware In Hitachi Machines

Indian banks are reeling with one of the largest security breaches to date. Data of more than 3 million debit cards, used to withdraw money from ATMs and make cashless payments, is believed to be stolen by organized hackers. Security experts in the country strongly believe the hack, discovered in machines made by Hitachi, to be the handiwork of Chinese hackers.

Large public and private sector banks in India have been hit with a major security breach involving their debit cards. According to official responses sent out, India’s biggest banks including State Bank of India (SBI), HDFC Bank, Yes Bank, ICICI Bank, and Axis Bank have been affected. However, experts caution that other banks might have been targeted, but are unaware of the developing situation. The banks that spotted the hack have advised several steps the customers need to take in order to prevent unauthorized transactions on their accounts.

Indian Bank Authorities Say 3.2 Million Debit Cards Hacked https://t.co/aNRFpCt4W8 #hacker #hacked #bank #3Million #Debit #Card

— Anykey (@TechnoFails) October 21, 2016

So far, India’s largest bank, SBI, has advised its customers to use its own Automatic Teller Machines (ATMs) for safe transactions. Moreover, it has been sending out SMS to its customers advising them to be wary of transaction notifications, irrespective of the amount. It is quite likely the hackers might test if the bank customer remains unaware of the transaction. If the customer doesn’t report suspicious activity, the hackers might proceed to carry out larger transactions, note cyber-security experts.

Security teams of respective banks have been trying to investigate who is behind the massive security breach. Although they haven’t zeroed in on any suspects, a number of affected customers have observed unauthorized transactions made on their cards in various locations across China, reported Economic Times. Other reports indicate merchandise was bought in Indonesia and Brazil, using stolen debit card data.

Apart from the notifications, considering the severity of the hack, SBI is trying to replace over 600,000 cards within the next few days. These cards were automatically blocked by the bank’s security system after it noticed several suspicious transactions, especially those which were conducted overseas. Majority of the cardholders had never set foot outside their home country, and hence it was pretty obvious that the transactions weren’t being conducted by the legitimate cardholders. Speaking about the hack, SBI Chief General Manager (Kolkata Circle) Partha Pratim Sengupta said,

“We have set an internal target of seven to ten days for issuing the new debit cards to the customers whose cards have been blocked. We advise our customers to use SBI ATMs only at the moment for safe transactions.”

Hackers managed to obtain the card details by planting malware within Hitachi Payment Services platform. The platform offers cashless transactions across millions of Point of Sale (PoS) machines. The system also powers more than 50,000 ATMs across the country. The malware was designed to collect several details while the shopkeeper or the cardholder swiped the debit card for conducting financial transactions.

32 lakh ATM cards were hacked originating from China. What was our government cyber cell doing ??? Immediately… https://t.co/RKdqx1BgpF

— Sanjay (Warrior Monk) (@fearlessoracle) October 21, 2016

Fortunately, none of the banks’ internal systems have been compromised. Hence confidential customer data and core banking functions have remain untouched by hackers. However, ATM machines designed, built, and maintained by NPC could be affected. According to official sources, of 3.2 million debit cards, 2.6 million are powered by Visa or MasterCard and the rest 600,000 work on top of India’s own RuPay platform, reported The Hacker News.

Incidentally, MasterCard has confirmed that its internal systems weren’t breached. But the Payments Council of India has ordered a forensic audit on the Indian bank servers to assess the damage and investigate the origin of the sophisticated attack.

Seeding #aadhaar into all databases = all eggs in one basket. One CIDR hack would make breach much worse?… https://t.co/qFTsenDUUi

— Road Scholarz (@roadscholarz) October 22, 2016

The extent of the damage is dependent on the card, noted bank officials. Cards that rely solely on magnetic strip to relay account information to the PoS or ATM machine are the most vulnerable. Customers who have been issued the EMV (Europay, MasterCard, and Visa) chip-equipped cards (better known as Chip-and-Pin cards) are relatively immune to the hack. These new cards store data in encrypted form and only transmit a secure and unique one-time-use code to complete the transaction.

[Featured Image by Eric Feferberg/Getty Images]