30 April 2017
visit nextgenbanking.co.uk

Hitachi outed as source of Indian ATM malware infection

09 February 2017  |  7117 views  |  1 Rupees

Hitachi Payment Systems has admitted culpability for a breach of its ATM network in India that spawned a massive recall of debit cards by the nation's banks.

A report on the compromise conducted by audit outfit Sisa, pointed to a malware injection at Hitachi servers that went undetected for almost two months in mid-2016.

The malware compromised customer debit card details, leading India's top banks - including State Bank of India, HDFC Bank, ICICI Bank, Yes Bank and Axis Bank - to advise some customers to change PIN codes and to recall millions of debit cards. In the immediate aftermath of the breach being uncovered, the banks additionally blocked payments at international locations, reduced withdrawal limits and monitored unusual patterns.

A subsequent investigation by National Payments Corporation of India found that cases of illegal withdrawals were limited to 641 customers of 19 banks, and the total amount involved was 13 million rupees ($194,600).

Worryingly, the Sisa audit of Hitachi's payment switch was unable to determine the amount of data exfiltrated during the compromise period due to secure deletion by the malware.

Loney Antony, managing director, Hitachi Payment Services says: “Hitachi Payment Services regrets the inconvenience caused to banks and its customers due to this lapse in its security infrastructure. We assure you of our highest commitment to building a robust infrastructure in our systems and preventing such cyber frauds in future. We have further enhanced our infrastructure and will continue to undertake all mandatory and regulatory security measures as needed. We feel, together through a collaborative association with all our stakeholders (banks and regulators), we will be able to provide a safer system for financial transaction processing.”

Comments: (1)

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune | 09 February, 2017, 17:57

LOL. I thought this issue was forgotten after #CurrencySwitch. During the cash crunch caused by the recent demonetization in India, the longest queue I saw outside an ATM was at the bank whose ATM network was run by HDS and held responsible for the debit card data breach. 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

International ATM hacking gang taken down

International ATM hacking gang taken down

02 February 2017  |  4914 views  |  0 comments | 6 tweets | 11 linkedin
Euronet earnings hit by Indian cash supply shortage

Euronet earnings hit by Indian cash supply shortage

30 November 2016  |  3049 views  |  1 comments | 4 tweets | 4 linkedin
Indian banks hit by massive ATM breach

Indian banks hit by massive ATM breach

20 October 2016  |  9590 views  |  2 comments | 17 tweets | 25 linkedin
India to redefine ATMs as bank branches

India to redefine ATMs as bank branches

12 October 2016  |  5405 views  |  2 comments | 6 tweets | 10 linkedin
UK cops arrest ATM malware suspect in Romania

UK cops arrest ATM malware suspect in Romania

06 October 2016  |  7346 views  |  0 comments | 6 tweets | 3 linkedin
Thai police hunt suspects behind $350,000 ATM jackpotting heist

Thai police hunt suspects behind $350,000 ATM jackpotting heist

30 August 2016  |  3815 views  |  0 comments | 3 tweets | 6 linkedin
Yakuza arrested over massive ATM heist

Yakuza arrested over massive ATM heist

04 August 2016  |  4189 views  |  0 comments | 3 tweets | 5 linkedin
Arrests made in Taiwan ATM swindle

Arrests made in Taiwan ATM swindle

18 July 2016  |  4195 views  |  0 comments | 3 tweets | 2 linkedin
Taiwan banks suspend Wincor Nixdorf ATM withdrawals after crooks steal millions

Taiwan banks suspend Wincor Nixdorf ATM withdrawals after crooks steal millions

12 July 2016  |  10775 views  |  1 comments | 12 tweets | 16 linkedin
$55m ATM heist mastermind pleads guilty

$55m ATM heist mastermind pleads guilty

02 March 2016  |  6171 views  |  2 comments | 4 tweets | 3 linkedin
Cops break up ATM jackpotting gang

Cops break up ATM jackpotting gang

07 January 2016  |  6926 views  |  0 comments | 2 linkedin
ATM attack vectors on the rise

ATM attack vectors on the rise

27 November 2015  |  7114 views  |  0 comments | 4 tweets | 3 linkedin
$14m ATM heist gang member jailed

$14m ATM heist gang member jailed

06 July 2015  |  3647 views  |  0 comments | 1 tweets | 6 linkedin

Related company news

 

Related blogs

Create a blog about this story (membership required)
Find out moreVisit capgemini.comvisit dh.com

Top topics

Most viewed Most shared
JPMorgan formally quits R3JPMorgan formally quits R3
8410 views comments | 27 tweets | 16 linkedin
Six global banks join Swift DLT trialsSix global banks join Swift DLT trials
8318 views comments | 18 tweets | 36 linkedin
BBVA steps up fintech acquisition strategy with purchase of OpenpayBBVA steps up fintech acquisition strategy...
7742 views comments | 19 tweets | 18 linkedin
Should central banks open up payment and settlement systems to non-banks?Should central banks open up payment and s...
6493 views comments | 22 tweets | 21 linkedin
UBS moves risk platform to Microsoft Azure cloudUBS moves risk platform to Microsoft Azure...
6387 views comments | 11 tweets | 21 linkedin

Featured job

Six Figure Base + Commission + Stock Options
London

Find your next job