One of the oldest co-operative banks of Pune, Cosmos co-operative bank has become the latest victim of cyber attack. The ATM switch system of the bank was hacked and Rs 94.42 crore were siphoned off between August 11 and August 13. The incident came to light, late evening on August 13 after which the bank has shut down its systems for transactions as a precautionary measure.
A complaint has also been filed at the Chatushrungi police station on Monday night by Subhash Gokhle, a bank official. According to the complaint, hackers stole information of debit cardholders of the bank and carried out over 14,000 transactions from 29 countries. Bank officials suspect that that attack was done from Canada. However, they claim that the deposits of account holders are intact.
Milind Kale, Chairman Cosmos Co-Operative Bank said "We suspect the malware attack to be done from Canada. The money was withdrawn from ATM machines from 28 countries through around 12,000 international transactions and around 2,849 domestic transactions. The transactions were carried out using fake debit cards. The deposit of account holders is safe and intact. However, as a precautionary measure, we have stopped the online system for two days."
Although the bank claims customers are not affected, it is a huge loss to the bank as the money was withdrawn from a pool account. The transactions were carried on two different days, at first the systems were hacked on August 11 at 3 pm and around Rs 78 crore was transferred out of the country using VISA. Transactions of Rs 2.5 cr were done in India through NCPI and Rupay.
On August 13, at around 11.30 pm the server was hacked again and Rs 13.92 crore were transferred through Swift transactions, to the account of ALM trading limited at Hang Seng Bank in Hong Kong. The money was later withdrawn through ATMs using bogus VISA cards. The police complaint also mentions the name of been ALM trading limited, where the money was transferred.
Cyber expert Prashant Mali said "This fraud raises several questions on the cybersecurity systems of Indian Banks. Did the security management system not alert the bank of the fraud? If yes then why no action was taken? Banks fail to follow the security guidelines issued by the RBI because of which such cyber attacks take place"
A case has been registered under several sections of the IT act and investigation is underway.
Comments
0 comment