21 August 2017
Find out more

Hitachi outed as source of Indian ATM malware infection

09 February 2017  |  8301 views  |  1 Rupees

Hitachi Payment Systems has admitted culpability for a breach of its ATM network in India that spawned a massive recall of debit cards by the nation's banks.

A report on the compromise conducted by audit outfit Sisa, pointed to a malware injection at Hitachi servers that went undetected for almost two months in mid-2016.

The malware compromised customer debit card details, leading India's top banks - including State Bank of India, HDFC Bank, ICICI Bank, Yes Bank and Axis Bank - to advise some customers to change PIN codes and to recall millions of debit cards. In the immediate aftermath of the breach being uncovered, the banks additionally blocked payments at international locations, reduced withdrawal limits and monitored unusual patterns.

A subsequent investigation by National Payments Corporation of India found that cases of illegal withdrawals were limited to 641 customers of 19 banks, and the total amount involved was 13 million rupees ($194,600).

Worryingly, the Sisa audit of Hitachi's payment switch was unable to determine the amount of data exfiltrated during the compromise period due to secure deletion by the malware.

Loney Antony, managing director, Hitachi Payment Services says: “Hitachi Payment Services regrets the inconvenience caused to banks and its customers due to this lapse in its security infrastructure. We assure you of our highest commitment to building a robust infrastructure in our systems and preventing such cyber frauds in future. We have further enhanced our infrastructure and will continue to undertake all mandatory and regulatory security measures as needed. We feel, together through a collaborative association with all our stakeholders (banks and regulators), we will be able to provide a safer system for financial transaction processing.”

Comments: (1)

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune | 09 February, 2017, 17:57

LOL. I thought this issue was forgotten after #CurrencySwitch. During the cash crunch caused by the recent demonetization in India, the longest queue I saw outside an ATM was at the bank whose ATM network was run by HDS and held responsible for the debit card data breach. 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

International ATM hacking gang taken down

International ATM hacking gang taken down

02 February 2017  |  5289 views  |  0 comments | 6 tweets | 11 linkedin
Euronet earnings hit by Indian cash supply shortage

Euronet earnings hit by Indian cash supply shortage

30 November 2016  |  3348 views  |  1 comments | 4 tweets | 4 linkedin
Indian banks hit by massive ATM breach

Indian banks hit by massive ATM breach

20 October 2016  |  10148 views  |  2 comments | 17 tweets | 25 linkedin
India to redefine ATMs as bank branches

India to redefine ATMs as bank branches

12 October 2016  |  5914 views  |  2 comments | 6 tweets | 10 linkedin
UK cops arrest ATM malware suspect in Romania

UK cops arrest ATM malware suspect in Romania

06 October 2016  |  7779 views  |  0 comments | 6 tweets | 3 linkedin
Thai police hunt suspects behind $350,000 ATM jackpotting heist

Thai police hunt suspects behind $350,000 ATM jackpotting heist

30 August 2016  |  4112 views  |  0 comments | 3 tweets | 6 linkedin
Yakuza arrested over massive ATM heist

Yakuza arrested over massive ATM heist

04 August 2016  |  4479 views  |  0 comments | 3 tweets | 5 linkedin
Arrests made in Taiwan ATM swindle

Arrests made in Taiwan ATM swindle

18 July 2016  |  4526 views  |  0 comments | 3 tweets | 2 linkedin
Taiwan banks suspend Wincor Nixdorf ATM withdrawals after crooks steal millions

Taiwan banks suspend Wincor Nixdorf ATM withdrawals after crooks steal millions

12 July 2016  |  11267 views  |  1 comments | 12 tweets | 16 linkedin
$55m ATM heist mastermind pleads guilty

$55m ATM heist mastermind pleads guilty

02 March 2016  |  6426 views  |  2 comments | 4 tweets | 3 linkedin
Cops break up ATM jackpotting gang

Cops break up ATM jackpotting gang

07 January 2016  |  7318 views  |  0 comments | 2 linkedin
ATM attack vectors on the rise

ATM attack vectors on the rise

27 November 2015  |  7341 views  |  0 comments | 4 tweets | 3 linkedin
$14m ATM heist gang member jailed

$14m ATM heist gang member jailed

06 July 2015  |  3809 views  |  0 comments | 1 tweets | 6 linkedin

Related company news

 

Related blogs

Create a blog about this story (membership required)
visit www.dorsum.euvisit www.niceactimize.comvisit www.abe-eba.eu

Top topics

Most viewed Most shared
Mobile contactless spending accelerating in UKMobile contactless spending accelerating i...
10606 views comments | 24 tweets | 23 linkedin
hands typing furiouslyWhy Is Risk Analytics Important?
8871 views 0 | 5 tweets | 1 linkedin
Norwegian banks and startups form fintech clusterNorwegian banks and startups form fintech...
8851 views comments | 19 tweets | 23 linkedin
RBS to bring Silicon Valley to EdinburghRBS to bring Silicon Valley to Edinburgh
8524 views comments | 10 tweets | 7 linkedin
Barclays pairs banking data with third party apps for SmartBusiness DashboardBarclays pairs banking data with third par...
8253 views comments | 18 tweets | 16 linkedin

Featured job

Competitive base and bonus, plus benefits
London, UK

Find your next job