India’s junior Finance minister, Santosh Gangwar revealed in a report submitted to the Lok Sabha last week on March 17 that around 29 lakh debit cards came under malware attack last year through ATMs that were connected to a switch provided by Hitachi Payment Services (HPS). However, successful attempts of misuse of compromised cards as reported to RBI by banks were only 3,291.
“RBI has informed that HPS appointed SISA Infosec for PCI forensic investigation. The final report suggested that the ATM infrastructure of HPS was breached and the data between May 21 and July 11, 2016, were compromised, but not the POS (point of sale) infrastructure," Press Trust of India quoted Gangwar as saying.
According to Gangwar, the National Payment Corporation of India (NPCI) has said no independent investigation was carried out by it. RBI has also advised banks to improve and maintain customer awareness and education with regard to cyber security risks said MoS.
The RBI has issued a comprehensive circular on Cyber Security Framework in Banks on June 2, 2016, covering best practices pertaining to various aspects of cyber security.
With over 432,000 ATMs installed worldwide, the risk of ATM malware is growing even further.