Hitachi payment Services conducted an audit regarding security breach that had compromised about 3.2 million credit cards issued by Indian banks in October 2016, after Reserve bank of India ordered an audit four months back.
The company confirmed on Thursday that their system was affected by "a sophisticated injection of malware (malicious software code)", that hampered detail of debit cards issued by banks.
Hitachi Payment Services, a firm that provides ATMs, point of sale and other services in India, said security audit firm SISA Information Security has completed its final assessment report on the breach and discovered that the highly sophisticated malware had worked undetected and concealed its tracks during the compromise period between May 21 and July 11 , 2016.
“While the behavior of the malware and the penetration into the network has been deciphered, the amount of data ex filtrated during the above compromise period is unascertainable due to secure deletion by the malware,” said a statement released by Hitachi Payment Services.
According to the National Payments Corporation of India (NPCI), which looks at payment system in India discovered that almost 90 ATMs in the country were compromised through malware and least 641 customers across 19 banks lost Rs 1.3 crore to fraudulent transactions on their debit cards.
Loney Antony, managing director of Hitachi Payment Services said, “…we confirm that our security systems had a breach during mid-2016. As soon as the breach was discovered, we followed due process and immediately informed the RBI, National Payments Corporation of India (NPCI), banks and card schemes. We also partnered with banks to ensure the safety of their customers’ sensitive data. As a result, the extent of compromise was limited and we have not seen any further misuse due to the containment measures deployed by Hitachi Payment Services"
The company confirmed on Thursday that their system was affected by "a sophisticated injection of malware (malicious software code)", that hampered detail of debit cards issued by banks.
Hitachi Payment Services, a firm that provides ATMs, point of sale and other services in India, said security audit firm SISA Information Security has completed its final assessment report on the breach and discovered that the highly sophisticated malware had worked undetected and concealed its tracks during the compromise period between May 21 and July 11 , 2016.
“While the behavior of the malware and the penetration into the network has been deciphered, the amount of data ex filtrated during the above compromise period is unascertainable due to secure deletion by the malware,” said a statement released by Hitachi Payment Services.
According to the National Payments Corporation of India (NPCI), which looks at payment system in India discovered that almost 90 ATMs in the country were compromised through malware and least 641 customers across 19 banks lost Rs 1.3 crore to fraudulent transactions on their debit cards.
Loney Antony, managing director of Hitachi Payment Services said, “…we confirm that our security systems had a breach during mid-2016. As soon as the breach was discovered, we followed due process and immediately informed the RBI, National Payments Corporation of India (NPCI), banks and card schemes. We also partnered with banks to ensure the safety of their customers’ sensitive data. As a result, the extent of compromise was limited and we have not seen any further misuse due to the containment measures deployed by Hitachi Payment Services"