While the government continues to push towards Prime Minister Narendra Modi’s dream of ‘cashless India’, a rather alarming revelation seems to be raising several questions on the security of bank account data of Indians.
According to a Times of India report, police investigations have revealed that the bank account data of one crore Indians was up for sale at just 10 or 20 paisa per individual.
While investigating the case of an 80-year-old woman from Greater Kailash in south Delhi, who had lost Rs 1.46 lakh from her credit card, the police busted the module which stole data from ‘insiders’ in banks, call centres and authorised banks, and sold it to crooks.
Shockingly, the report cited DCP (south east) Romil Baaniya as saying that the arrest of a key member of the module led them recover stolen data of one crore people.
“The data, comprising card number, card holder name, date of birth and mobile number, is in several categories and runs into more than 20 gigabytes. Most sought after data is of senior citizens bank details,” Times of India quoted the police as saying.
The arrested person, Puran Gupta, a resident of Pandav Nagar in east Delhi, revealed during the investigation that he usually sold bulk data of around 50,000 people for anything between Rs 10,000-20,000.
He is said to have bought the data from a Mumbai-based supplier, whom the police are trying to nab.
The crooks used this data by posing as bank representatives and convinced people into sharing details such as the CVV number and OTP, and used these to withdraw money.
As these crooks already had the account holder’s name and card number, it was easy for them to trap their targets, who ended up furnishing their passwords.
Several times, these wrongdoers told the account holders that they were trying to confirm suspicious transactions and asked people to quickly share details so that they could ‘block’ an ongoing transaction. They also use other pretexts to dupe people like encashing reward points and card blocked.
“Gupta has disclosed that he had created a firm named 'First step services and solution' and got it registered on portals such as Just Dial. His clients used to call him through Just Dial and seek data required by them. The data was transferred through email,” said DCP Baaniya.