Hitachi Payment Systems was to blame for a cyberattack of its ATM network in India, which resulted in banks having to recall a slew of debit cards.
According to a report, Sisa, the audit company, said malware installed on Hitachi servers remained there for close to two months in the middle of last year without Hitachi realizing it. The malware was able to compromise debit card information for a handful of banks in India, including State Bank of India, HDFC Bank, ICICI Bank, Yes Bank and Axis Bank. The banks were forced to urge some customers to change their PINs and recall debit cards from millions of customers. The banks also had to block payments at international locations, lower the limits in terms of withdrawals and monitor the systems to identify any fraud.
An inquiry launched by the National Payments Corporation of India found that illegals withdrawals happened to only 641 customers of 19 banks. The total amount of the fraud was $194,600, noted the report. The report noted the Sisa audit wasn’t able to figure out how much data was compromised during the period that the malware was running on Hitachi servers.
“Hitachi Payment Services regrets the inconvenience caused to banks and its customers due to this lapse in its security infrastructure,” said Loney Antony, managing director of Hitachi Payment Services, in the report. “We assure you of our highest commitment to building a robust infrastructure in our systems and preventing such cyber frauds in future. We have further enhanced our infrastructure and will continue to undertake all mandatory and regulatory security measures as needed. We feel, together through a collaborative association with all our stakeholders (banks and regulators), we will be able to provide a safer system for financial transaction processing.”