The State Bank of India on Wednesday blocked nearly six lakh debit cards after a suspected "malware-related security breach" in an ATM network outside the bank's purview was detected. Officials said new cards will be re-issued to the clients affected, The Times of India reported.
The bank's Chief Technology Officer, Shiv Kumar Bhasin, said, "It's a security breach, but not in our banks' systems. Many other banks also have this breach right now." He said that customers who have used only SBI ATMs have not been affected. SBI customers have been advised to contact bank officials or use the online "re-carding" option. Bhasin said customers may also use internet banking to set their Personal Identification Number.
The Reserve Bank of India has no rule that makes it obligatory for banks to report any network security breach to their clients, according to The Times of India report. Bhasin said, "Banks whose ATMs have been infected must come forward and declare those infected ATMs. The onus is on them to stop this."
The RBI website showed 20.27 crore active SBI debit cards till July 2016, while SBI's associate banks had 4.75 crore functioning active debit cards in the same month.
Yes Bank has acknowledged that its ATM network manager, Hitachi Payments, was monitoring the system for any breach through a detailed audit, but said initial investigations found no problems in their system.