PNB refutes claim that data of its 180 million customers breached

The bank's clarification comes after cyber security firm CyberX9 alleged that the personal and financial information of 180 million customers was exposed for about seven months.
The PNB said in a statement on Monday that there has been no breach of systems and pilferage of any personal data of any of its customers and account holders.(Reuters file photo)
The PNB said in a statement on Monday that there has been no breach of systems and pilferage of any personal data of any of its customers and account holders.(Reuters file photo)
Published on Nov 23, 2021 08:10 AM IST
Copy Link
Written by Harshit Sabarwal | Edited by Amit Chaturvedi, New Delhi

The Punjab National Bank (PNB) has refuted the claims of a cyber security firm that said that vulnerability in the bank's server exposed the details of millions of customers.

The PNB said in a statement on Monday that there has been no breach of systems and pilferage of any personal data of any of its customers and account holders.

“It is an established fact that hackers regularly attempt to penetrate every and all Internet-facing systems anywhere in the world. PNB has implemented stringent security controls in all our ICT systems. The reported attempt of the perpetrator was monitored and checked,” the statement said.

The bank also said it has deployed data leak prevention solutions that prevent any unauthorised data to be sent through emails, adding the said zone does not allow unauthorised access to anyone, including its own staff.

“The ICT systems are monitored round the clock by competent staff at the security operation centre. The data at rest and transit are encrypted using proprietary algorithms,” the statement added.

The bank's clarification comes after cyber security firm CyberX9 alleged that the personal and financial information of 180 million customers was exposed for about seven months.

Speaking to news agency PTI, Himanshu Pathak, the founder of CyberX9, claimed that PNB kept severely compromising the security of funds, personal and financial information of its 180 million customers. "PNB only woke up and fixed the vulnerability when CyberX9 discovered the vulnerability and notified PNB through CERT-In and NCIIPC," Pathak added.

CyberX9 found a very critical security issue in PNB that was leading to admin access to internal servers and therefore exposing a huge number of banks' systems nationwide open for cyber-attacks for the past seven months.

“The vulnerability which we discovered was leading to the highest level of admin privilege in PNB's exchange servers. If you gain access to Domain Controller through an exchange server then the doors very easily open to making any computer accessible in the network,” Himanshu Pathak said.

He also said that the computers could also include those that are being used in the bank's branches and other departments.

 

SHARE THIS ARTICLE ON
Topics
pnb
Close Story
SHARE
Story Saved
OPEN APP
×
Saved Articles
Following
My Reads
Sign out
New Delhi 0C
Monday, January 17, 2022