PNB is facing another problem.Asia Times published that,data breach has happened,leaked sensitive credit & debit cards information of about 1,000 bank customers.As per a Hong Kong publisher,leaked data has names,expiry dates,personal id no.,leaked data had 2 sets of packages 1 with CVV numbers & 2nd without.Claimed that leaked information was available online for past three months & even card verification values of around 10,000 bank a/c holders.
After Nirav Modi episode,trouble does not seem to stop for the country's third largest public lender. According to a report published by the Asia Times, a data breach has happened, that reportedly leaked sensitive credit and debit cards information of around 1,000 bank customers.
According to the Hong Kong based publisher, the leaked data includes names, expiry dates, personal identification numbers and even card verification values of around 10,000 bank account holders.
PNB denies transferring 18,000 employees
The leaked data had two sets of packages one with CVV numbers and the other without.The report further claimed that the leaked information were available online since past three months.
The breach was found out by CloudSek Information Security, which is a Singapore based company that keeps a close eye on data transactions, even on sites that are unlisted on Google Search or any other major search engine.
After PNB scam, PSU banks to appoint special agency to monitor loans above Rs 250 crore
“We have a crawler that is deployed in the dark/deep web. These are sites on the internet which are not indexed by Google or other major search engines. They are used to buy and sell sensitive data illegally,” Chief Technical Officer Rahul Sasi told the paper.
“Our crawler detects any such data and sends it to a Machine Learning software that we have created. If this detects anything that is suspicious, and of interest to our clients, we immediately take action,” Sasi added.
PNB Scam: ED freezes Nirav Modi's firm accounts with Rs 30 crore balance, shares worth Rs 13.86 crore
Sasi further said that the company has to pass the details through a government agency as they were unable to contact PNB after detecting the breach as it is not a customer at the bank.
The PNB’s Chief Information Security Officer TD Virwani has confirmed that it was working with the government to contain fallout from the release of the data, which was offered through a website.
Government officials who were aware of the breach told the newspaper that they have been trying to establish the extent of the problem. As of now, they have discovered sensitive information from as many as 10,000 credit cards issued by the bank.
The agency further made shocking claims that the data has been on sale for $4.90 per card (Roughly Rs 320).
"Usually these sites on the deep/dark web build up reputations on the authenticity of the data they sell illegally. This particular site has a very good reputation. They offer a sample size to buyers to establish their credentials before the sale is made. In this case they were offering to sell the data at US$4.90 per card," he reported.