Question: Data Breach in Banks

(a) whether the Government is aware of 3.2 million debit cards issued by banks being exposed to data breach caused by a malware-induced security breakdown;

(b) if so, the details thereof;

(c) whether the National Payments Corporation of India (NPCI) has conducted an investigation into the matter and if so, the details thereof and outcome thereon;

(d) whether the malware has spread to other payment networks as well and if so, the details thereof; and

(e) the preventive/corrective measures taken by the Government in this regard?

Answer given by the minister

The Minister of State in the Ministry of Finance


(a) & (b): As reported by commercial banks, 2.9 million cards were used at ATMs that were connected to the Switch of HITACHI, which was subjected to a malware attack. However, the successful attempts of misuse of compromised cards reported to RBI by banks were only 3291.

(c) & (d): National Payments Corporation of India (NPCI) has informed that no independent investigation was carried out by them. RBI has informed that Hitachi Payment Services (HPS) appointed SISA Infosec for PCI Forensic investigation. The final report suggested that the ATM infrastructure of HPS was breached and the data between May 21, 2016 and July 11, 2016 was compromised, but not the POS infrastructure.

(e): RBI advised banks to improve and maintain customer awareness and education with regard to cyber security risks. Banks were also asked to educate the customers on the downside risk of sharing their login credentials / passwords etc. to any third party vendor and the consequences thereof. RBI has set up a Cyber Security and IT Examination (CSITE) Cell within its Department of Banking Supervision in 2015. The Bank issued a comprehensive circular on Cyber Security Framework in Banks on June 2, 2016 covering best practices pertaining to various aspects of cyber security.

*******
