ICICI Bank Sensitive Data of millions of customers leaked online, Are private banks not safe?

- Advertisement -

Data of millions of customers of ICICI Bank has been leaked recently. This includes financial data, personal documents and various other sensitive data. Earlier the data of HDFC Bank was leaked. In India, SBI, HDFC Bank & ICICI Bank are designated as D-SIBs i.e. Domestic Systemically Important Banks. This means that these 3 banks are the most important banks of India and they are so big that they can’t fail.

But this news of data leak in ICICI Bank puts a lot of questions in mind. Notably, the Indian government designated the ICICI Bank’s resources as “critical information infrastructure” in 2022, meaning any damage could affect national security. 

During the inquiry, researchers learned that the bank’s systems were misconfigured, which allowed the bank to release important information. Although the infrastructure of the national bank was in a critical state, the protection of sensitive data was not guaranteed.

- Advertisement -

The research team uncovered misconfigured and publicly accessible cloud storage at Digital Ocean bucket – with over 3.6 million ICICI Bank files on February 1. The bank’s and its clients’ private information was revealed in files.

Leaked Data

“Among the leaked data were bank account details, bank statements, credit card numbers, full names, dates of birth, home addresses, phone numbers, emails, personal identification documents, and employees’ and candidates’ CVs.”

Since financial services are the primary target for cybercriminals, the organization may have faced disastrous consequences and endangered its clients if bad actors had gained access to the disclosed data.

- Advertisement -

Additionally, files that included the clients’ passports, IDs, and Indian PANs (Indian taxpayer identity numbers) were kept in the bucket. Know-your-customer (KYC) forms and bank statements were also compromised.

The leak also harmed the bank’s employees, as CVs of existing employees and job candidates were found in the storage.

ICICI Bank’s Digital Ocean bucket’s access was wholly blocked on March 30. The report guarantees the problem was resolved once the leak was reported to the bank and the Indian Computer Emergency Response Team (CERT-IN). 

- Advertisement -

Estimated Severity of ICICI Leak

“The impact of the discovered ICICI leak is estimated to be severe, as the volume of personal data leakage is significant,” Cybernews researchers wrote.  “Such sensitive information could undermine ICICI Bank’s reputation and may uncover details of the bank’s internal processes as well as jeopardize the safety and security of its clients, employees, and their data.”

Researchers claim threat actors could exploit exposed data to commit fraud and identity theft. The personal information and credentials acquired by fraudsters could be used to open accounts illegally in the names of individuals. 

Employees, companies, and people whose data was exposed may be vulnerable to spear phishing attacks. Because criminals frequently target credit card information, bank account numbers, and logins to online banking platforms, the banking industry is particularly susceptible to phishing assaults.

Users receiving emails

In addition, numerous users tweeted that they received password reset request emails from ICICI.

- Advertisement -

Share this article...

Comments

1 COMMENT

  1. Oh God! What is the remedy for the already stolen personal data etc, in what way the bank OT cyber security gurantee prevention of misuse?

LEAVE A REPLY

Please enter your comment!
Please enter your name here

More News...

Latest

Gold was so cheap in year 2000, Check Last 25 years Gold Rate

You will be surprised to know the Gold Rate in 2000, Check Last 25 years Gold Rate

Income Tax Department Recovers Rs.40 Crore Cash During Raids on Shoe Traders in Agra

Income Tax Department Recovers Rs. 40 Crore in Cash During Raids on Shoe Traders in Agra

Russian Court Orders Seizure of Deutsche Bank’s Assets, But Why?

Russian Court Orders Seizure of Deutsche Bank's Assets in Lawsuit Over Gas Processing Plant Construction Project

Man in UP received Rs 9,900 Crore in his Bank Account, Bank froze his account

Bank Account Software Glitch Leads to a Shocking Rs 9,900 Crore Balance in Uttar Pradesh Man's Account

Consumer Forum directs SBI to compensate customer for card cloning fraud

Consumer Forum directs SBI to compensate customer for card cloning fraud

Baroda Gramin Bank Officers protest against Regional Manager

Baroda Gramin Bank Officers protest against Regional Manager

PNB Bank Manager’s Wife commits suicide, Family says she was forced for Dowry

PNB Bank Manager's Wife commits suicide, Family says she was forced for Dowry

J&K High Court says Excess Salary paid to employee can’t be recovered after retirement

Jammu and Kashmir High Court Rules Against Recovery of Excess Payments to Retired Employee

Madras High Court: Employees Cannot Be Denied Pensionary Benefits Due To Administrative Delays

Landmark Ruling by Madras High Court: Administrative Delays Cannot Deprive Employees of Pensionary Benefits

Latest News