23 June 2017
Visit cib.db.com

Hitachi outed as source of Indian ATM malware infection

09 February 2017  |  7792 views  |  1 Rupees

Hitachi Payment Systems has admitted culpability for a breach of its ATM network in India that spawned a massive recall of debit cards by the nation's banks.

A report on the compromise conducted by audit outfit Sisa, pointed to a malware injection at Hitachi servers that went undetected for almost two months in mid-2016.

The malware compromised customer debit card details, leading India's top banks - including State Bank of India, HDFC Bank, ICICI Bank, Yes Bank and Axis Bank - to advise some customers to change PIN codes and to recall millions of debit cards. In the immediate aftermath of the breach being uncovered, the banks additionally blocked payments at international locations, reduced withdrawal limits and monitored unusual patterns.

A subsequent investigation by National Payments Corporation of India found that cases of illegal withdrawals were limited to 641 customers of 19 banks, and the total amount involved was 13 million rupees ($194,600).

Worryingly, the Sisa audit of Hitachi's payment switch was unable to determine the amount of data exfiltrated during the compromise period due to secure deletion by the malware.

Loney Antony, managing director, Hitachi Payment Services says: “Hitachi Payment Services regrets the inconvenience caused to banks and its customers due to this lapse in its security infrastructure. We assure you of our highest commitment to building a robust infrastructure in our systems and preventing such cyber frauds in future. We have further enhanced our infrastructure and will continue to undertake all mandatory and regulatory security measures as needed. We feel, together through a collaborative association with all our stakeholders (banks and regulators), we will be able to provide a safer system for financial transaction processing.”

Comments: (1)

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune | 09 February, 2017, 17:57

LOL. I thought this issue was forgotten after #CurrencySwitch. During the cash crunch caused by the recent demonetization in India, the longest queue I saw outside an ATM was at the bank whose ATM network was run by HDS and held responsible for the debit card data breach. 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

International ATM hacking gang taken down

International ATM hacking gang taken down

02 February 2017  |  5138 views  |  0 comments | 6 tweets | 11 linkedin
Euronet earnings hit by Indian cash supply shortage

Euronet earnings hit by Indian cash supply shortage

30 November 2016  |  3211 views  |  1 comments | 4 tweets | 4 linkedin
Indian banks hit by massive ATM breach

Indian banks hit by massive ATM breach

20 October 2016  |  9901 views  |  2 comments | 17 tweets | 25 linkedin
India to redefine ATMs as bank branches

India to redefine ATMs as bank branches

12 October 2016  |  5625 views  |  2 comments | 6 tweets | 10 linkedin
UK cops arrest ATM malware suspect in Romania

UK cops arrest ATM malware suspect in Romania

06 October 2016  |  7595 views  |  0 comments | 6 tweets | 3 linkedin
Thai police hunt suspects behind $350,000 ATM jackpotting heist

Thai police hunt suspects behind $350,000 ATM jackpotting heist

30 August 2016  |  3958 views  |  0 comments | 3 tweets | 6 linkedin
Yakuza arrested over massive ATM heist

Yakuza arrested over massive ATM heist

04 August 2016  |  4356 views  |  0 comments | 3 tweets | 5 linkedin
Arrests made in Taiwan ATM swindle

Arrests made in Taiwan ATM swindle

18 July 2016  |  4354 views  |  0 comments | 3 tweets | 2 linkedin
Taiwan banks suspend Wincor Nixdorf ATM withdrawals after crooks steal millions

Taiwan banks suspend Wincor Nixdorf ATM withdrawals after crooks steal millions

12 July 2016  |  11067 views  |  1 comments | 12 tweets | 16 linkedin
$55m ATM heist mastermind pleads guilty

$55m ATM heist mastermind pleads guilty

02 March 2016  |  6308 views  |  2 comments | 4 tweets | 3 linkedin
Cops break up ATM jackpotting gang

Cops break up ATM jackpotting gang

07 January 2016  |  7132 views  |  0 comments | 2 linkedin
ATM attack vectors on the rise

ATM attack vectors on the rise

27 November 2015  |  7234 views  |  0 comments | 4 tweets | 3 linkedin
$14m ATM heist gang member jailed

$14m ATM heist gang member jailed

06 July 2015  |  3723 views  |  0 comments | 1 tweets | 6 linkedin

Related company news

 

Related blogs

Create a blog about this story (membership required)
visit www.www.fisglobal.comvisit www.finastra.comvisit www.response.ncr.com

Top topics

Most viewed Most shared
Worldpay pilots app-only mPOS for small retailersWorldpay pilots app-only mPOS for small re...
8603 views comments | 17 tweets | 27 linkedin
Live: EBAday 2017, day twoLive: EBAday 2017, day two
8423 views comments | 4 tweets | 5 linkedin
Live: EBAday 2017, day oneLive: EBAday 2017, day one
7727 views comments | 3 tweets | 4 linkedin
UK banks will need to change one million sort codes under ring-fencing rulesUK banks will need to change one million s...
7596 views comments | 8 tweets | 25 linkedin
UBS dangles $200,000 carrot to woo startups to fintech challengeUBS dangles $200,000 carrot to woo startup...
6503 views comments | 12 tweets | 5 linkedin

Featured job

Six Figure Base + Commission + Stock Options
London

Find your next job