Active Stocks
Wed Dec 06 2023 15:52:23
  1. Tata Steel share price
  2. 131.8 0.15%
  1. State Bank Of India share price
  2. 608.1 -0.05%
  1. Power Grid Corporation Of India share price
  2. 224.4 0.9%
  1. Tata Motors share price
  2. 722.4 1.99%
  1. NTPC share price
  2. 281.15 -1.52%
Business News/ Industry / Banking/  Debit card data breach: RBI likely to tighten cyber security norms today
Back Back

Debit card data breach: RBI likely to tighten cyber security norms today

RBI to ask all lenders to report cyber security issues on a real-time basis at meeting on debit card data breach

Photo: Aniruddha Chowdhury/MintPremium
Photo: Aniruddha Chowdhury/Mint

The Reserve Bank of India (RBI) has called a meeting on Monday with all stakeholders involved in the largest data breach in India’s banking system, said two people with direct knowledge of the development.

The meeting will be chaired by a deputy governor of the central bank and will be attended by executives from banks and payment network service providers. 

The central bank will ask all lenders to report cyber security issues on a real-time basis, an RBI official, one of the two people cited above, said on condition of anonymity.

The regulator may also ask all banks to centralize their cyber security operations and put a proper team in place instead of outsourcing these functions, this person said. 

The matter gains urgency in view of the large-scale data breach. The RBI official said that banks took a month to bring this issue to its notice despite its latest notification on cyber security. 

“It is observed that banks are hesitant to share cyber-incidents faced by them. However, the experience gained globally indicates that collaboration among entities in sharing the cyber-incidents and the best practices would facilitate timely measures in containing cyber-risks. It is reiterated that banks need to report all unusual cyber-security incidents (whether they were successful or were attempts which did not fructify) to the Reserve Bank," read the central bank’s notification issued on 2 June.

Mint had reported on Friday that it took three months for India’s banking system to become aware of the large-scale data breach. Card data of 3.2 million customers was stolen between 25 May and 10 July from a network of Yes Bank Ltd ATMs managed by Hitachi Payment Services Pvt. Ltd, but it was only in September that banks and payments services providers became aware of the extent of the breach. On Thursday, Yes Bank and Hitachi released statements denying there was a breach in their respective systems. 

The regulator has a broad sense of the issue but it is also likely to separately investigate the matter, said the first person cited above. The regulator will conduct annual cyber audits of banks starting next year. 

A detailed forensic report is already being conducted by SISA Information Security Pvt. Ltd, a global payments security specialist firm. 

“We are working with various stakeholders. We will also work with various other agencies required for this investigation. The investigation is on track. The necessary results will be shared with the concerned stakeholders once we have completed the investigation," said Dharshan Shanthamurthy, chief executive of SISA. The report is expected in November. 

Multiple government organizations, including the cyber cell of the Mumbai Police’s crime branch, the ministry of finance and the government’s cybersecurity arm Computer Emergency Response Team-India (CERT-In), are now investigating the data breach.

“Banks are yet to report the matter to the cyber cell, despite it being mandatory. We have sought information from banks and NPCI about the crime," said Brijesh Singh, special IG, cyber, Maharashtra Police. NPCI, short for National Payments Corporation of India, is the umbrella organization for all retail payment systems in the country. 

Separately, the Press Trust of India reported that the finance ministry had asked various agencies, including RBI, to submit their reports in 10 days.

Milestone Alert!
Livemint tops charts as the fastest growing news website in the world 🌏 Click here to know more.

Gopika Gopakumar
Gopika Gopakumar has worked for over 15 years as a banking journalist across print and television media. Her expertise lies in breaking big corporate stories and producing news based TV shows. She was part of the 2013 IMF Journalism Fellowship Program where she covered the Annual & Spring meetings of the International Monetary Fund in Washington D.C. She started her career with CNBC-TV18, where she also produced a news feature show called Indianomics and an award winning show on business stories from South India called Up South. She joined Mint in 2016.
Catch all the Industry News, Banking News and Updates on Live Mint. Download The Mint News App to get Daily Market Updates.
More Less
Published: 23 Oct 2016, 11:27 PM IST
Next Story footLogo
Recommended For You
Banking Stocks
Switch to the Mint app for fast and personalized news - Get App