Mumbai: The mystery behind the breach at a private bank’s ATM network last year that led to 32 lakh debit cards being exposed, forcing banks to replace most of them, has been solved. Hitachi Payment Services — the company to which Yes Bank had outsourced processing of ATM transactions — has said that investigations show that its systems were hit by a sophisticated malware attack and it is not possible to say how many cards’ details have been extracted.
In a statement issued here, Hitachi Payment Services said that SISA Information Security has completed its final assessment report on the breach of security protocols, which led to the potential compromise of debit cards between May 21 and July 11, 2016. SISA’s report pointed out a sophisticated injection of malware (a piece of malicious software code) in the Hitachi Payment Services’ systems, which was able to compromise the details of these debit cards.
“Hitachi Payment Services regrets the inconvenience caused to banks and its customers due to this lapse in its security infrastructure. We assure you of our highest commitment to building a robust infrastructure in our systems and preventing such cyber frauds in future,” said Loney Antony, MD, Hitachi Payment Services.

According to Dharshan Shanthamurthy, chief executive of SISA, banks need to gear up for more such attacks post demonetisation. “With increased amount of digital payments, such attacks are going to get worse. In the name of innovation, corners are being cut. That’s a matter of concern. Smartphones, use of fingerprint as primary payment authentication are fraught with risks which need to be tackled,” he said.