Hitachi outed as source of Indian ATM malware infection
09 February 2017 | 8544 views | 1
Hitachi Payment Systems has admitted culpability for a breach of its ATM network in India that spawned a massive recall of debit cards by the nation's banks.
A report on the compromise conducted by audit outfit Sisa, pointed to a malware injection at Hitachi servers that went undetected for almost two months in mid-2016.
The malware compromised customer debit card details, leading India's top banks - including State Bank of India, HDFC Bank, ICICI Bank, Yes Bank and Axis Bank - to advise some customers to change PIN codes and to recall millions of debit cards. In the immediate aftermath of the breach being uncovered, the banks additionally blocked payments at international locations, reduced withdrawal limits and monitored unusual patterns.
A subsequent investigation by National Payments Corporation of India found that cases of illegal withdrawals were limited to 641 customers of 19 banks, and the total amount involved was 13 million rupees ($194,600).
Worryingly, the Sisa audit of Hitachi's payment switch was unable to determine the amount of data exfiltrated during the compromise period due to secure deletion by the malware.
Loney Antony, managing director, Hitachi Payment Services says: “Hitachi Payment Services regrets the inconvenience caused to banks and its customers due to this lapse in its security infrastructure. We assure you of our highest commitment to building a robust infrastructure in our systems and preventing such cyber frauds in future. We have further enhanced our infrastructure and will continue to undertake all mandatory and regulatory security measures as needed. We feel, together through a collaborative association with all our stakeholders (banks and regulators), we will be able to provide a safer system for financial transaction processing.”