Around 6.5 million Indian Debit Cards have been compromised recently which is one of the biggest security breaches our country has seen to date.
Around 641 customers of 19 different banks have reported frauds worth Rs 1.3 crores in total as of now and after that, all banks started investigating the matter. Some of the banks that are worst affected are SBI bank, ICICI bank, HDFC bank, and Axis bank.
Here is a real incident reported by Vishal Sharma on this article below in the comments section
My card got cloned and my account was wiped out on 5th Sept 2016 by cash withdrawals from china . I immediately informed my bank Standard chartered who then blocked my card. It took 10 days and a lot of following up before they gave me a temporary credit.
SBI alone has reported that it has blocked around 6 lacs debit cards and going to issue new cards soon. This is done as a precautionary measure so that no frauds are done on these 6 lacs cards.
As per the following video, these compromised debit cards were used in the US and China while the debit card owners were in India.
How did this all start?
Around Sept start, various customers started complaining to banks about the fraudulent transactions, and that when banks started reaching out to National Payments Corporation of India (NPCI), which found out that it was a malware-related security breach in various ATM’s and Points of sale systems which were managed by Hitachi Payment Services.
That’s when the banks asked its customers to change their PIN. Banks also blocked cards and started providing the new cards to its users.
The banks are saying that this security breach has happened outside the bank’s network, but still, the investigation is going on right now and more details will come up in coming times.
How did the security breach happen & What got Hacked?
As per the above video from NDTV, almost every detail of the card was hacked like
- Name on the card
- Expiry Number
- Card Number
- CVV number
When you use your card at an ATM or a point of sale (in some shop), the data first goes to a central server (central server switch) and that further sends the data to your bank to check if you have balance in your account or not. This central server had the malware sitting and the data was compromised at that point.
Can you take some precautions?
The only thing you can do right now is either change your PIN. Most of the security measures are already taken by the banks, so you can’t do much from your side now other than getting your card blocked (not recommended). You can read more details about this news here
Do you know anyone who faced the card fraud? Can you share that?
What do you think about this issue? What are your views?