It turns out that Punjab National Bank (PNB), which is currently reeling under the Nirav Modi fraud case, had also suffered a data breach, which affected 10,000 credit and debit card customers, reports Asia Times. The leaked data includes customer names, expiry dates of cards, personal ID numbers and CVV numbers. This data was available on a website on the dark web for at least three months, but it’s not clear if it was misused or not.
#Breaking on @AsiaTimes_In. A major data breach in #PNB. Are details of over 10,000 credit and debit card holders issued by Punjab National Bank on sale on the dark web? My story in @asiatimesonlinehttps://t.co/IdS65uiwsg
— Saikat Datta (@saikatd) February 22, 2018
According to the report, PNB was not even aware of the breach till yesterday, when Singapore and Bangalore-based CloudSek Info Security informed them about it. The report also mentions that CloudSek was unable to contact PNB and that a government agency helped pass on the details to the bank.
We will update this story as more details emerge.
The 2016 debit cards security breach
Over 3.2 million debit card details were stolen by hackers from ATMs and POS machines on YES Bank’s network. The ATMs were managed by Hitachi Payment Services and card data was stolen between May 25 to July 10 of 2016. Around 90 YES Bank’s ATMs and POS machines were targeted by the malware, which resulted in card details of State Bank of India (SBI), ICICI Bank and HDFC Bank customers among other being stolen. Later Axis Bank and SBI confirmed the data breach.