Finance Minister Arun Jaitley on Friday said the government has sought a detailed report on the extent of debit card data compromise following the biggest security breach in the Indian banking industry that affected over 32 lakh card holders.
The government has asked Reserve Bank of India and banks to provide details of the data breach and also banks' preparedness to deal with cyber crimes.
"Have sought a report in the debit card issue. The idea is to contain the damage," Jaitley told reporters in New Delhi.
Several banks, including state-owned State Bank of India, have recalled a number of cards, while many others blocked the ones suspected to have been compromised and asked customers to change their PIN (personal identification number) before use.
There are some 60 crore debit cards operational in India, of which 19 crore are indigenously developed RuPay ones while the rest are Visa- and Master Card-enabled.
Fraudulent withdrawals have been reported from 19 banks so far while complaints have been received from a few banks that their customers' cards were used fraudulently abroad, mainly in China and the US while the customers were in India.
SBI is said to have recalled around 6 lakh cards while others like Bank of Baroda, IDBI Bank, Central Bank and Andhra Bank have replaced debit cards of several customers as a pre-emptive measure.
Among private sector players, ICICI Bank, HDFC Bank and Yes Bank have asked customers to change their ATM PINs. HDFC Bank also advised its customers to use its own ATMs for carrying out any transaction.
The suspected security breach happened through a malware in the systems of Hitachi Payments Services, which serves ATM network of Yes Bank and also some white-label ATMs.
Weighing in, Economic Affairs Secretary Shaktikanta Das on Friday said there was no need to panic over the feared security breach that affected over 32 lakh cards.
The government, he said, has sought a detailed inquiry report into the issue and appropriate action will be taken once it is received.
"Customers should not panic because these hackings are done through computer and trail can easily be reached... they should not be alarmed. Whatever action has to be taken, it will be done with speed," Das said on the sidelines of a German government event in New Delhi.
In the biggest-ever security breach affecting the Indian banking sector, 32 lakh debit cards of various public and private sector banks are feared to have been 'compromised' by cyber malware attack in some ATM systems.
On Thursday, additional secretary in department of financial services G C Murmu said only about 0.5 per cent of the total debit card details were compromised while the remaining 99.5 per cent cards are completely safe and bank customers should not panic.
"Since the data compromise took place from specific machines within a particular time period, it is just a limited issue and banks have asked their affected customers to replace their card or change their PIN," Murmu had said, adding that other cards are not affected at all.
The umbrella body of all retail payments system in India -- the National Payments Corporation of India -- on Thursday said all affected banks have been alerted by card networks.
Complaints of fraudulent withdrawals have come from 641 customers and the total amount involved is Rs 1.3 crore as reported by various affected banks, NPCI said in a statement.
Illustration: Uttam Ghosh/Rediff.com.