A critical security vulnerability in Punjab National Bank (PNB) exposed the personal and financial data of over 180 million customers for the last seven months, cybersecurity firm CyberX9 claims in a report. The vulnerability was fixed by PNB on November 19 after it was reported to CERT-In and NCIIPC, the firm said. PNB is India's second-largest public sector bank and an allegation that all of its customer accounts could've been compromised by cyber attackers is alarming. In a statement to MoneyControl, PNB confirmed a vulnerability in one of its servers but denied that any critical data was exposed or other systems were affected. MediaNama has reached out seeking more details. Cyberattacks and data breaches have been growing rapidly in recent months. Just earlier this month, CyberX9 reported that another large financial company, Central Depository Services Limited (CDSL), exposed sensitive data of around 4.39 crore investors. What was the vulnerability at PNB? CyberX9 reported that on November 17 it discovered a critical vulnerability that gave it access to the highest level of administrator privileges in an internal PNB server, which in turn exposed PNB's systems nationwide. This unrestricted access could have allowed any malicious attacker to get access to any information on PNB's network including systems in PNB branches and other departments, the cybersecurity firm said. An attacker could've potentially had the ability to remotely execute any code on them, steal data, make transactions, get complete control of such connected computer systems. – CyberX9 PNB, however, told MoneyControl: "The server wherein the vulnerability was reported,…
- Here’s what streaming companies revealed in their compliance reports for Oct 2022 December 2, 2022
- FRT-based Digi Yatra project begins in three Indian airports on opt-in basis December 2, 2022
- Spotify CEO calls Apple “Shameless” For Engaging In Anti-Competitive Practices December 2, 2022
- Madhya Pradesh HC Grants State Government 3 Months to Draft and Clear Online Gambling Law: Report December 2, 2022
- Meta’s Nick Clegg Flags Encryption Concerns, Praises India’s Stance On Cross-Border Data Flow December 2, 2022
MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.
The Structure and Style of a Dogma Community: Conspiracy theories and organized Twitter engagement on Sushant Singh Rajput
Studying the 'community' supporting the late Sushant Singh Rajput (SSR) shows how Twitter was gamed through organized engagement
Do we have an enabling system for the National Data Governance Framework Policy (NDGFP) aiming to create a repository of non-personal data?
A viewpoint on why the regulation of cryptocurrencies and crypto exchnages under 2019's E-Commerce Rules puts it in a 'grey area'
India's IT Rules mandate a GAC to address user 'grievances' , but is re-instatement of content removed by a platform a power it should...
Why ‘group privacy’ should be recognised, and how ‘non-personal’ data becomes a regulatory blindspot
There is a need for reconceptualizing personal, non-personal data and the concept of privacy itself for regulators to effectively protect data
Please subscribe to MediaNama. Don't share prints and PDFs.
You May Also Like
Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...
135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...
Twitter takes down tweets from MP, MLA, editor criticising handling of pandemic upon government request
By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...