Indian banks will either replace or ask users to change the security codes of as many as 3.2 million debit cards. Several victims have reported unauthorised usage from locations in China.
Out of 3.2 million debit cards, 2.6 million are said to be on the Visa and Master-Card platform. 600,000 on the RuPay platform.
Worst-hit banks:
The State Bank of India, HDFC, ICICI , YES Bank and Axis Bank, are the worst-hit, said a report published in The Economic Times.
As per the report, the breach is said to have originated in malware introduced in Hitachi Payment Services system. It enabled fraudsters to steal information allowing them to steal funds. Hitachi provides ATM, point of sale (PoS) and other services.
Forensic audit ordered:
To detect the origin of frauds that might have hit customer accounts, a forensic audit has now been ordered by Payments Council of India on Indian bank servers and systems . NPCI Managing Director AP Hota said, reported English daily, "We have received complaints from banks about debit cards being used in China which aroused suspicion."
SBI blocks over half million debit cards after security risk:
Following a suspected security breach, the State Bank Of India (SBI) has blocked more than 600,000 debit cards of its customers and will issue fresh cards to them, official sources said here on Wednesday.
The malware-related security breach was reportedly detected in the non-SBI ATM network and the move is intended to ensure that customer's confidential personal data is not compromised while swiping.
Confirming, a SBI spokesperson said that card network companies NPCI, MasterCard and Visa had informed various banks in India about a potential risk to some cards in India "owing to a data breach".
"Accordingly, SBI has taken precautionary measures and have blocked cards of certain customers identified by the networks," the spokesperson said, without revealing the exact number of customers who would be affected.
The SBI emphasised that its own systems have absolutely not been compromised and existing cardholders are not at any risk and can continue to use their cards as usual.
Meanwhile, SBI will issue new cards free of cost to the affected customers in the incidents affecting the cards industry.
According to banking circles, several other banks have also experienced similar problems as a few ATMs have been hit by a malware which has a high potential to compromise customers data.
Official figures indicate that SBI has over 20 crore active debit cards, besides another 4.75 crore of its associate banks.
Some private banks are conducting security review by experts of its ATM networks to pre-empt any type of breaches.