PNB Data Breach Hits 10,000 Credit, Debit Card Customers
Punjab National Bank is an Indian multinational banking as well as financial services company, based in New Delhi, India. The Bank is already under great stress due to the recent banking scam of Rs 11,400 crore (USD 1,771.69 million) by India’s one of the biggest business tycoon Nirav Modi.
These transactions are said to been going on for about seven years now but were unearthed by PNB at one of its Mumbai branches. And now in latest development, Punjab National Bank has suffered a data breach, which in turn will increase troubles for Punjab National Bank.
According to the reports, the breach has affected as many as 10,000 credit and debit card accounts. Security experts also believe that due to the breach cardholders’ sensitive information were available for purchase through a website for the duration of at least three months.
After the PNB breach Information such as names, expiry dates, PIN and Card Verification Values were also released online.The reports also stated that PNB somehow did not detect the data breach, the information was given to them by CloudSek Information Security.
CloudSek Information Security is basically a Singapore-based artificial intelligence technology-based enterprise, which helps businesses to monitor threat. They also keep an eye on sites that are not even listed on Google Search. The agency also claims that the data which has been on sale for about 3 months was on sale online for Rs 320 per card.
Chief Technical Officer Rahul Sasi who were aware of the breach made a revelation to a portal that after finding of the breach, various agencies were informed about it, so they could try and come to the extent of this problem. He further added that two sets of data were released online, some with CVV numbers and some without.
He went on to say that the web crawler usually detects any such fraudulent activity adding to that “If this detects anything that is suspicious and of interest to our clients, we immediately take action,” he added.
In his statement to the Asia Times, he added that the company has to pass the details through a government agency as they were unable to contact PNB after detecting the breach as it is not a customer at the bank. He also indicated that these sensitive details are still current for thousands of card customers.
According to the report, payment gateways were also checked but they still didn’t come up with a relevant reason for the breach.