Hitachi Payment Services on Thursday admitted its systems were affected by malware leading to one of the biggest cyber security breaches in the country affecting 3.2 million debit cards.
Hitachi’s admission was based on a report by security audit firm SISA Information Security, which determined that the breach of software protocols happened between May 21, 2016, and July 11, 2016.
“SISA’s report pointed to a sophisticated injection of malware in the Hitachi Payment Services’ systems, which was able to compromise the details of these debit cards,” Hitachi said in a statement.
“While the behaviour of the malware and the penetration into the network has been deciphered, the amount of data exfiltrated is unascertainable due to secure deletion by the malware,” Hitachi added.
The breach meant that customers’ accounts were debited by fraudsters. The monetary value of such transactions is not known, but the affected customers have been compensated by the banks.
The National Payments Corporation of India (NPCI) had said at that time 600 customers had reported losses of Rs 1.3 crore. But industry sources peg the figure much higher, considering the number of cards compromised.
According to sources in the Reserve Bank of India (RBI), the central bank has absolved banks of any wrongdoing and has advised that the tab be picked up by the service providers. After its admission, banking sources said, the cost of compensation would have to be borne by Hitachi. Hitachi and SISA were not available for comments.
“We confirm that our security systems had a breach during mid-2016,” said Loney Antony, managing director, Hitachi Payment Services. “As soon as the breach was discovered, we informed the RBI, NPCI, banks and card schemes. The extent of the compromise was limited and we have not seen any further misuse,” he said, adding the company had enhanced its infrastructure.
After the breach came to light, banks blocked payments at international locations, reduced withdrawal limits, monitored unusual patterns and changed cards.