Card details of customers at Punjab National Bank were offered for sale through a website for at least three months, investigators believe
10,000 bank clients hit by breach of credit card data
This includes names, expiry dates, Personal Identification Numbers and Card Verification Values. Sasi said two sets of data were released: some with CVV numbers and some without. The last date stamp on the data is January 29, 2018, indicating that the details are still current for thousands of card customers.
“We believe, on preliminary analysis, that the data has been available for at least three months. While this is yet to be firmly established, we are carrying out our forensic investigation,” said a government official familiar with the case. Virwani was asked by Asia Times to comment on the breach, but has not yet responded.
Investigators in both the private and government sectors are still trying to determine how the breach occurred. It is thought the data could have come from a laptop or mobile phone carried by a bank customer that was infected with a malicious code, or from a third party. Payment gateways also had access to the data.
But an investigator said it was more likely the bank’s security was compromised, as a large amount of data came from a single source.
Nearly 10,000 PNB credit, debit card holders affected by data breach: Report
10,000 bank clients hit by breach of credit card data
This includes names, expiry dates, Personal Identification Numbers and Card Verification Values. Sasi said two sets of data were released: some with CVV numbers and some without. The last date stamp on the data is January 29, 2018, indicating that the details are still current for thousands of card customers.
“We believe, on preliminary analysis, that the data has been available for at least three months. While this is yet to be firmly established, we are carrying out our forensic investigation,” said a government official familiar with the case. Virwani was asked by Asia Times to comment on the breach, but has not yet responded.
Investigators in both the private and government sectors are still trying to determine how the breach occurred. It is thought the data could have come from a laptop or mobile phone carried by a bank customer that was infected with a malicious code, or from a third party. Payment gateways also had access to the data.
But an investigator said it was more likely the bank’s security was compromised, as a large amount of data came from a single source.
Nearly 10,000 PNB credit, debit card holders affected by data breach: Report
Last edited: