The Union Government has announced that total of 29 lakh debit cards were subjected to malware attack in through ATMs that were connected with the switch of Hitachi.
It was announced by Union Minister of State (MoS) for Finance Santosh Kumar Gangwar in a written reply to the Lok Sabha.
The reply mentioned that the malware-induced security breach between May and July 2016 had compromised only 3,291 cards as reported by banks to the RBI.
Measures taken after security breach
- The Hitachi Payment Services (HPS) had appointed SISA Infosec for The Payment Card Industry (PCI) forensic investigation. NPCI had not carried out independent investigation.
- The forensic report suggested that the only ATM infrastructure of HPS was breached and not the POS (point of sale) infrastructure.
- RBI had advised banks to improve and maintain customer awareness and education with regard to cyber security risks.
- RBI also has set up a Cyber Security and IT Examination (CSITE) Cell within its Department of Banking Supervision in 2015.
- The central bank also had issued a comprehensive circular in June 2016 covering best practices pertaining to various aspects of cyber security.
- It had instructions on banks cyber-security framework, asking them to put in place a board-approved cyber security policy, make arrangement for continuous surveillance and prepare a cyber-crisis management plan.
Malware is short form of malicious software. It is any software used to disrupt computer or mobile operations, gain access to private computer systems, gather sensitive information, or display unwanted advertising. Before the term malware was coined by Yisrael Radai in 1990, malware was referred to as computer viruses.