The bank’s servers were hacked by an unauthorised login from an unnamed offshore hacker. This after the bank received an unexpected call from an engineer at Kaspersky Lab.
Last week, Axis filed a preliminary report about the breach to RBI. The bank has hired EY, the audit and advisory firm, to carry out an investigation. Till now there are no reports of any fund transfers but the bank and EY are trying to figure out the extent of damage and data loss, if any.
In a statement, a bank spokesperson said, “Axis Bank, like many other large financial institutions, often receives security threats from across the globe. The bank has strict security protocols and procedures in place and all its online properties are monitored round the clock by its in-house team of security experts. The bank also engages best in class international and national agencies who regularly identify and neutralize threats and audit the Bank's online ecosystem.” “Safety and security of our systems and processes is of paramount importance to us and we constantly monitor and are vigilant in our efforts to combat any potential threats. We would like to state that there has been no monetary loss.”
Over the past few years, banks have been fighting cyber strikes like “distributed denial of service” (or DDoS) which slows down a bank’s system, worms that make ATMs spew out cash, and some that can divert funds to a secret destination.