29 lakh debit cards subjected to malware attack

New Delhi: A total of 29 lakh debt cards were subjected to malware attack last year through ATMs that were connected with the switch of Hitachi, the government said today.

As reported by commercial banks, 2.9 million cards were used at ATMs that were connected to switch of Hitachi, which was subjected to malware attack, Minister of State for Finance Santosh Kumar Gangwar said in a written reply to the Lok Sabha.

However, he said the successful attempts of misuse of compromised cards as reported to the RBI by banks was only 3,291.

“RBI has informed that Hitachi Payment Services (HPS) appointed SISA Infosec for PCI forensic investigation. The final report suggested that the ATM infrastructure of HPS was breached and the data between May 21 and July 11, 2016 were compromised, but not the POS (point of sale) infrastructure,” he said.

According to the minister, the National Payment Corporation of India (NPCI) has said no independent investigation was carried out by it.

He further said the RBI advised banks to improve and maintain customer awareness and education with regard to cyber security risks.

“Banks were also asked to educate the customers on the downside risk of sharing their login credentials or passwords etc to any third-party vendor and the consequences thereof,” he added.

RBI has set up a Cyber Security and IT Examination (CSITE) Cell within its Department of Banking Supervision in 2015, he said, adding that the bank issued a comprehensive circular on June 2, 2016 covering best practices pertaining to various aspects of cyber security.

In another reply, Gangwar said total stressed assets (gross non-performing assets and restructured standard advances) of scheduled commercial banks were Rs 9.64 lakh crore as on December 31, 2016.