Passwords compromised in majority of debit card fraud transactions
Amid reports of a widespread debit card security breach, a senior State Bank of India official on Saturday said account passwords were compromised in a majority of cases.business Updated: Oct 22, 2016 19:47 IST
Amid reports of a widespread debit card security breach, a senior State Bank of India official on Saturday said account passwords were compromised in a majority of cases.
“I strongly believe password is being compromised and most cases are of false transactions,” chief general manager of State Bank of India, Bengal circle, Partha Pratim Sengupta told IANS.
SBI, the country’s largest commercial lender, has advised its customers to use the bank’s own Automated Teller Machine (ATM) network after the security breach of around six lakh debit cards issued by the bank.
“Prima facie information says a lot of password compromise is happening. But we are obviously looking into the audit trail and will check transaction history of all customers who have suffered to see if there is any kind of malware problem,” he said.
The bank had blocked the debit cards whose security was reportedly breached due to the malware attack.
Some of the country’s top private banks such as HDFC Bank, ICICI Bank and Yes Bank too are facing similar issues and several of the customers’ debit cards have reportedly been compromised.
SBI on Wednesday had blocked close to six lakh debit cards following a malware-related security breach in a non-SBI ATM network.
Several other banks such as Axis Bank, HDFC Bank and ICICI Bank too have admitted being hit by similar cyber attacks — forcing Indian banks to either replace or request users to change the security codes of as many as 3.2 million debit cards over the last two months.
There were also reports of fraudsters robbing customers of their bank deposits by calling them up and forcing them to give out details of debit cards on the threat of blocking the debit cards.
Sengupta cautioned customers not to divulge details like PIN, card verification value, or any other identity information to anybody. “The bank will never ask for these details,” the mailers read.