Last week, US prosecutors said a global criminal gang stole $45 million from two West Asian banks by breaking into the two card processing companies based in India and raising the balances and withdrawal limits.
“India is exposed in two ways: The threat that the same theft could happen in India and the fact that the outsourcing industry will also get affected,” said Arpinder Singh, partner and national director for fraud investigation and dispute services at consultancy Ernst & Young.
The episode is reopening debate on banks sending work requiring a high degree of confidentiality to offshore locations. “It is the weakest link,” said Shane Shook, an expert with US cyber-security firm Cylance Inc. “The lesson is they need to pull back on what they’ve outsourced. When you’re giving a third party, the outsourced entity, the ability to access cash limits of the consumers you’re managing the finances for, you’re giving up control that is your fundamental responsibility.”
ElectraCard admits system breach
A Pune-based card processing company acknowledged on Monday that hackers breached its security to increase the limits on some pre-paid card accounts in a global ATM heist in December.
ElectraCard Services said no customer data was stolen from it and any tampering of ATM cards occurred elsewhere.