Breaking: 3.2 million debit cards compromised; SBI, HDFC Bank, ICICI, YES Bank and Axis worst hit
- 1486
- 37
-
- Last Comment
http://m.economictimes.com/industry/banking/fin...
Banks in India will either replace or ask users to change the security codes of as many as 3.2 million debit cards in what’s emerging as one of the biggest ever breaches of financial data in India, people aware of the matter said. Several victims have reported unauthorised usage from locations in China.
Note to Dimers: Block your cards for international usage.
mine SBI account also got blocked 
Yes this is some serious shit.
I read in newspaper that all the people who use their ATM cards in Yes bank’s ATM machines got it cloned!
Not at a remote location. But all over India!
Is there an insider involved in it?
And without OTP I dont think people can do online shopping now.
International transaction should be disabled.
And PIN should be changed as a precaution.
This is the very reason I invest in properties inspite of keeping my monies in bank accounts. 
@19 Female Gurgaon wrote:
Yes this is some serious shit.
I read in newspaper that all the people who use their ATM cards in Yes bank’s ATM machines got it cloned!
Not at a remote location. But all over India!Is there an insider involved in it?
And without OTP I dont think people can do online shopping now.
International transaction should be disabled.And PIN should be changed as a precaution.
This is the very reason I invest in properties inspite of keeping my monies in bank accounts.
Cards getting cloned at atm is different thing,it is done by attaching a card cloning equipment , at the place where u inerst card in atm ,its somewhat like a cover to card slot.therefore b4 inserting card make sure somthing is not attached to slot
@lostdrms wrote:
@19 Female Gurgaon wrote:
Yes this is some serious shit.
I read in newspaper that all the people who use their ATM cards in Yes bank’s ATM machines got it cloned!
Not at a remote location. But all over India!Is there an insider involved in it?
And without OTP I dont think people can do online shopping now.
International transaction should be disabled.And PIN should be changed as a precaution.
This is the very reason I invest in properties inspite of keeping my monies in bank accounts.
Cards getting cloned at atm is different thing,it is done by attaching a card cloning equipment , at the place where u inerst card in atm ,its somewhat like a cover to card slot.therefore b4 inserting card make sure somthing is not attached to slot
Are the machines that eat the card safer?
I mean like some HDFC machines take the card inside and then you transact.
Yes, there is fear that they may not puke the card after finishing the business!
SBI ATMs closed everywhere?
In debit card I follow a practice to change my daily limit. When a txn is reqd to be done I raise it, otherwise I restrict it to Rs.100, to maintain integrity. 
I think this may be a solution short term. Urge all to give a try…
@ShuSin wrote:
mine SBI account also got blocked
You mean just the debit card, right? You should still be able to transfer the funds via NEFT/IMPS to another bank account and withdraw the money via ATM if required.
So this happened weeks back but banks never informed the customers? They all knew but were hush-hush over the matter and waited to accept and inform till it became pandemic? Excellent, this is the real face of corporate in India.
Just rememberd a recent purchase on AliExpress.
@19 Female Gurgaon wrote:
And without OTP I dont think people can do online shopping now.
International transaction should be disabled.
FYI, most of the international transactions don’t require pin/OTP for online transaction
and only a few banks provide International transaction facility by default
@19 Female Gurgaon wrote:
@lostdrms wrote:
@19 Female Gurgaon wrote:
Yes this is some serious shit.
I read in newspaper that all the people who use their ATM cards in Yes bank’s ATM machines got it cloned!
Not at a remote location. But all over India!Is there an insider involved in it?
And without OTP I dont think people can do online shopping now.
International transaction should be disabled.And PIN should be changed as a precaution.
This is the very reason I invest in properties inspite of keeping my monies in bank accounts.
Cards getting cloned at atm is different thing,it is done by attaching a card cloning equipment , at the place where u inerst card in atm ,its somewhat like a cover to card slot.therefore b4 inserting card make sure somthing is not attached to slot
Are the machines that eat the card safer?
I mean like some HDFC machines take the card inside and then you transact.Yes, there is fear that they may not puke the card after finishing the business!
Like They love your card and might not be wiiling to give bk 
Nothing is safe in lyf ,not even walking along the road, but does not stop us from moving.
Minimise the risk , dnt keep to much money
@19 Female Gurgaon wrote:
Yes this is some serious shit.
I read in newspaper that all the people who use their ATM cards in Yes bank’s ATM machines got it cloned!
Not at a remote location. But all over India!Is there an insider involved in it?
And without OTP I dont think people can do online shopping now.
International transaction should be disabled.And PIN should be changed as a precaution.
This is the very reason I invest in properties inspite of keeping my monies in bank accounts.
International Transactions can be reversed
without exact billing address, 90% of those transactions will fail
@srp321 wrote:
@19 Female Gurgaon wrote:
And without OTP I dont think people can do online shopping now.
International transaction should be disabled.
FYI, most of the international transactions don’t require pin/OTP for online transactionand only a few banks provide International transaction facility by default
Arey, that’s exactly why he was saying that international transactions should be disabled until they can introduce OTP authentication there as well.
@DealSeeker wrote:
Arey, that’s exactly why he was saying that international transactions should be disabled until they can introduce OTP authentication there as well.
His statement wasn’t exactly concluding to this, and I thought it was sort of a question.
and, yes, that would certainly be great (OTP thing), and I hope after the current hack situation, RBI would mandate the same for International transactions as it is for domestic ones.
from what I have read here and there online about this authentication thing,
RBI has mandated this 2 step authentication for transactions happening in India for debit/credit cards, i.e. 1st CVV then PIN/OTP.
about International transactions, they require only 1 i.e. CVV, this causes the vulnerability, but incidentally, International transactions also require correct card holder name and address (don’t know about to what extent they need address).
@srp321 wrote:
@DealSeeker wrote:
Arey, that’s exactly why he was saying that international transactions should be disabled until they can introduce OTP authentication there as well.
His statement wasn’t exactly concluding to this, and I thought it was sort of a question.
and, yes, that would certainly be great (OTP thing), and I hope after the current hack situation, RBI would mandate the same for International transactions as it is for domestic ones.from what I have read here and there online about this authentication thing,
RBI has mandated this 2 step authentication for transactions happening in India for debit/credit cards, i.e. 1st CVV then PIN/OTP.about International transactions, they require only 1 i.e. CVV, this causes the vulnerability, but incidentally, International transactions also require correct card holder name and address (don’t know about to what extent they need address).
They don’t. The address/zip code matching feature is there on my US-based cards. But when I use my Indian cards on a US-website, no such check is performed.
As per the news, Most of the Transactions has been done in China, does this relate to something with Xiaomi Phones?
@sherlock wrote:
As per the news, Most of the Transactions has been done in China, does this relate to something with Xiaomi Phones?
even I was thinking the same..
My brother was saying this since many years.. SAY NO TO CHINA PRODUCTS
@coolguy4u wrote:
@sherlock wrote:
As per the news, Most of the Transactions has been done in China, does this relate to something with Xiaomi Phones?
even I was thinking the same..
My brother was saying this since many years.. SAY NO TO CHINA PRODUCTS
Exactly… As we all know, there was a press release earlier for Army personals stated not to use Xiaomi Phones
@DealSeeker wrote:
@srp321 wrote:
@19 Female Gurgaon wrote:
And without OTP I dont think people can do online shopping now.
International transaction should be disabled.
FYI, most of the international transactions don’t require pin/OTP for online transactionand only a few banks provide International transaction facility by default
Arey, that’s exactly why he was saying that international transactions should be disabled until they can introduce OTP authentication there as well.
lol They cant just disabled Int transaction until introduce otp
They are International banks not mobikwik wallet
it can take some week
there are people who needed to do transaction every hour 
Changing password and pin would enough security as of now they can ask to change
or block until you dont change pin and password
@DealSeeker wrote:
They don’t. The address/zip code matching feature is there on my US-based cards. But when I use my Indian cards on a US-website, no such check is performed.
was searching for information as to why address verification is not done for International transactions, and got this:
http://money.stackexchange.com/questions/11979/...
i guess, it has to be done by the card company if the govt enforces it.
@sherlock
whyy only xiaomi phones, why not opo, oppo, lenovo, coolpad, Huawei, Lenovo, LeEco, Gionee 
Arey ye chal kya raha h, daily sbi dc getting compromised 
This is some serious bs
“The breach is said to have originated in malware introduced in systems of Hitachi Payment Services, enabling fraudsters to steal information allowing them to steal funds. Hitachi, which provides ATM, point of sale (PoS) and other services, couldn’t be reached for comment late Wednesday
Goods of every nation are manufactured in China. So Stop purchasing Apple , Bose, Philips etc as well
I havent said anything particular abt Xiaomi, I just told what I have read earlier in News (and obviously it was all about Xiaomi), Not about other manufacturers.
Have a look: http://tech.firstpost.com/news-analysis/xiaomi-...
and another post below that might be a warning…
@blue wine wrote:
@DealSeeker wrote:
@srp321 wrote:
@19 Female Gurgaon wrote:
And without OTP I dont think people can do online shopping now.
International transaction should be disabled.
FYI, most of the international transactions don’t require pin/OTP for online transactionand only a few banks provide International transaction facility by default
Arey, that’s exactly why he was saying that international transactions should be disabled until they can introduce OTP authentication there as well.
lol They cant just disabled Int transaction until introduce otpThey are International banks not mobikwik wallet
it can take some weekthere are people who needed to do transaction every hour
Changing password and pin would enough security as of now they can ask to change
or block until you dont change pin and password
Yes, sir, I forgot that you are a Forex trader and I am the one from a small town. 
You can disable international transactions on your cards yourself via bank portals or by contacting your bank’s customer service. Nowhere did I or @19 Female Gurgaon suggest that international transactions should be disabled by the banks/RBI for all users until they can introduce OTP for that as well. Seems like you misunderstood quite a lot.
@DealSeeker I thought i got u this time 
Bt I will read more carefully next time
Remember I have eyes on ur comment someday you will be wrong and I will be the first one 2 tell u
@blue wine wrote:
@DealSeeker I thought i got u this time
Bt will read more carefully next time
Remember I have eyes on ur comment someday you will be wrong and I will be the first one 2 tell u
You have a queue ahead of you. You see, there are already a few people with the same intentions.
Dear Customer,
Greetings from ICICI Bank.
In view of the recent reports in the media about the alleged security breach at ATM’s of another bank impacting debit cards across multiple banks in India, we would like to assure you that ICICI Bank has already taken precautionary measures to change the ATM PIN of customers who were identified to be at risk. If you have not received any communication from ICICI Bank to change your ATM PIN, you can be sure that your debit card is not at risk.
ICICI Bank maintains state of the art transaction security infrastructure including real-time fraud monitoring tools to protect our customers against any unauthorised usage. Further, we would like to reassure you that our ATMs employ highest level of security protocols and continue to remain safe for transactions.
We are committed to making your banking with us completely safe and convenient.
We would like to reiterate some of the Safe Banking tips for the security of your account.
• Do change your ATM PIN once in 3 to 6 months
• Do not share your ATM PIN with anyone
• Report lost or stolen cards immediately
• NEVER SHARE your Card number, CVV, PIN, OTP, Expiry date or URN with anyone, even if the person claims to be a bank employee. Sharing these details can lead to unauthorised access to your account
• Never keep your Card and PIN together or write your PIN on the card
• Transact online only at reputed and known online merchants
We would like to reassure you that the security and safety of customer accounts is our utmost priority and we urge you to continue using your ICICI Bank Debit Card for transactions at ATMs, Point of Sale (POS) terminals and on eCommerce websites without concern.
Sincerely,
Sudipta Roy
General Manager – Consumer Cards
Looks like ICICI isnt blocking cards
@getready wrote:
Dear Customer,
Greetings from ICICI Bank.
In view of the recent reports in the media about the alleged security breach at ATM’s of another bank impacting debit cards across multiple banks in India, we would like to assure you that ICICI Bank has already taken precautionary measures to change the ATM PIN of customers who were identified to be at risk. If you have not received any communication from ICICI Bank to change your ATM PIN, you can be sure that your debit card is not at risk.
ICICI Bank maintains state of the art transaction security infrastructure including real-time fraud monitoring tools to protect our customers against any unauthorised usage. Further, we would like to reassure you that our ATMs employ highest level of security protocols and continue to remain safe for transactions.
We are committed to making your banking with us completely safe and convenient.
We would like to reiterate some of the Safe Banking tips for the security of your account.
• Do change your ATM PIN once in 3 to 6 months
• Do not share your ATM PIN with anyone
• Report lost or stolen cards immediately
• NEVER SHARE your Card number, CVV, PIN, OTP, Expiry date or URN with anyone, even if the person claims to be a bank employee. Sharing these details can lead to unauthorised access to your account
• Never keep your Card and PIN together or write your PIN on the card
• Transact online only at reputed and known online merchants
We would like to reassure you that the security and safety of customer accounts is our utmost priority and we urge you to continue using your ICICI Bank Debit Card for transactions at ATMs, Point of Sale (POS) terminals and on eCommerce websites without concern.Sincerely,
Sudipta Roy
General Manager – Consumer CardsLooks like ICICI isnt blocking cards
But you forgot to reveal your netbanking username password in this post!
And @DealSeeker should not take @blue wine this seriously.
Nice! So this is the real state of security in our banking/payment systems.