The Reserve Bank of India has launched a probe into what is believed to be the biggest-ever debit card data breach in Indian banking system, even as it tried to allay fears saying the number of cards misused is “few”.
The RBI held a meeting with senior officials from select banks, the National Payment Corporation of India (NPCI) and card network operators to review the steps taken by various agencies to contain the adverse fall-out of certain card details alleged to have been compromised.
The apex bank said it came to its notice on September 8 that details of certain cards issued by some banks had been possibly compromised at ATMs linked to the ATM Switch of one of the service providers.
“The issue is currently being investigated by an approved forensic auditor, under PCI-DSS framework (Payment Card Industry Data Security Standard),” the central bank said in a statement.
It further said the “number of cards misused, as per currently available information, is few”.
As a matter of abundant precaution, card network operators concerned were earlier advised to share the details of cards used during
the period of such exposure, it said.
Several public and private sector banks have recalled or blocked over 32 lakh debit cards to safeguard their customers from any financial fraud.
The finance ministry has asked various agencies, including the RBI to submit their report in 10 days.
The Reserve Bank further said banks have been taking “necessary remedial action to avoid any potential abuse” of such cards in future by unscrupulous elements and to protect the interest of their customers.