Cyber-attack on Banks: Axis Bank informed RBI of breach a month ago, hired EY to assess damage, says report

According to a report published by a leading English daily, a month ago the bank received a call from an engineer at Kaspersky Lab, the well-known Moscow-headquartered cyber security firm, who rattled off the names of several Axis computers which, he claimed, have been breached.

author-image
Arshi Aggarwal
Updated On
New Update
Cyber-attack on Banks: Axis Bank informed RBI of breach a month ago, hired EY to assess damage, says report

Axis Bank informed RBI of breach a month ago, hired EY to assess damage, says report (File photo)

One of India’s largest private lenders, Axis Bank, was informed of the security breach though an unexpected telephone call a month ago, a report said. 

According to a report published by Economic Times, the bank received a call from an engineer at Kaspersky Lab, the well-known Moscow-headquartered cyber security firm, who rattled off the names of several Axis computers which, he claimed, have been breached. 

“The Kaspersky man said his firm had stumbled on the information in the course of a separate probe. When an Axis team looked into the bank’s servers, it found out that there was indeed an unauthorized login by an unnamed, offshore hacker,” the report said. 

While, Axis Bank filed a preliminary report about the breach to RBI a month ago, the matter has only recently come into light after SBI reportedly recalled approximately 6.25 lakh debit cards, following the same breach. 

The Axis bank subsequently hired EY, the audit and advisory firm, to carry out an investigation, the report said. 

After the matter came into light, the bank on Wednesday disclosed that there was no loss to its customers from the recent cyber-attack. The malware attack was detected in time and was duly informed to the regulator RBI, Axis Bank said in a statement.

The bank's internal monitoring mechanism identified such a threat recently and all steps have been undertaken to neutralise the same, it said.

"We stay committed to our customers and it is always been our endeavour to ensure that our customers' interests are always protected. There has been no loss to our customers," it added.

As a responsible financial institution, it said, the bank proactively communicate potential threats to the regulator to maintain broader systemic integrity.

Meanwhile, SBI and its subsidiary banks blocked about 6 lakh debit cards due to a malware-related security breach as part of precautionary measures after being informed of potential risks to those cards.

In July, state-owned Union Bank of India was also hit by cyber-attack but successfully averted the theft from USD Nostro account.

Also read: Do you use debit cards of any bank? Read this as 'suspected' security breach feared in back-end system

When contacted, RBI official said the central bank is seized of the matter and is looking into the issue.

Bankers said the problem was first discovered between May and July, and banks have resorted to recall the affected debit cards from September.

Also read: Thirteen useful tips to secure your 'plastic money' transactions


Cyber Attack On Banks