Debit card security breach: Did banks ignore warnings sent by cyberattack watchdog?

CERT-in issued several advisories to banks and financial institutions between October 7 to October 20.

author-image
Kanishk Sharma
Updated On
New Update
Debit card security breach: Did banks ignore warnings sent by cyberattack watchdog?

CERT-in issued several advisories to banks and financial institutions between October 7 to October 20. (File Photo)

India's apex cyber attacks watchdog Computer Emergency Response Team (CERT-in) had asked banks to remain on high alert days before the data of 32 lakh dabit cards was compromised and leaked in the cyber world. 

CERT-in issued several advisories to banks and financial institutions between October 7 to October 20.  

"Multiple vulnerabilities have been spotted in Adobe Acrobat and Reader which could allow a remote attacker to execute arbitrary code and bypass security controls on the target system," an advisory issued on Thursday stated.

Read: Debit card security breach: Cards fraudulently used in China and USA while customers were in India, says NPCI

The advisory further mentioned that the vulnerabilities are caused due to various use after free memory errors, memory corruption errors, heap buffer overflows, integer overflow and JavaScript API bypass issues. A remote attacker could exploit these vulnerabilities by creating specially-crafted content and by convincing the target user to open the malicious file.

However, the said advisories could not prevent the debit card data leak that resulted in 32.5 lakh debit cards being left vulnerable to monetary loss or online fraud.

A report published in The Economic Times said that the CERT-in had indicated that such an attack may generate from Pakistan in the wake of the 'surgical strikes' by the Indian Army across the Line-of-Control (LoC) targeting the terror launch pads.

Following the breach, country’s largest bank State Bank of India and its subsidiary banks blocked about 6.25 lakh debit cards of their customers. In the wake of suspicious transactions at third-party ATM machines.

Read more: Debit card security breach scare: SBI advises customers to use its own ATM service

Security Breach: Swift action to be taken in debit card data compromise, says Govt

CERT-In Debit card security breach