India experiences catastrophic cyberattack, 3.2 million debit card account details stolen

In one of the country's worst data breaches to date, 3.2 million debit cards have reportedly become compromised.
Written by Charlie Osborne, Contributing Writer
Wikimedia Commons

India is dealing with one of the worst data breaches ever to hit the country with as many as 3.2 million debit card details stolen from multiple banks and financial platforms.

On Thursday, the Economic Times reported that malware was used to compromise the Hitachi Payment Services platform, used to power India's ATM, point-of-sale (PoS) systems and other financial transactions.

This infection then affected the State Bank of India (SBI), ICICI, Yes, Axis and HDFC, which are said to be the hardest hit. The Visa and Mastercard networks are also allegedly affected by the data breach -- which took roughly six weeks to detect.

Little is known beyond feedback from several victims who claim that their cards are being used fraudulently in China.

See also: Here's the one surprising lesson I learned as a victim of debit card fraud

According to people familiar with the matter, SBI has blocked and will reissue 600,000 debit cards.

SBI chief information officer Mrutyunjay Mahapatra told the publication:

"Based on the complaints we have received, we are suspecting a compromise on the non-SBI ATM network which could include various white-label ATM service providers."

Financial security specialist SISA is investigating the case alongside the banks affected. In the meantime, customers have been asked to change their PIN numbers as a precautionary measure.

Top 5 security practices in staying safe online: From the experts

Editorial standards