FinMin assures customers of swift action in debit card security breach case

32 lakh debit cards are feared to have been 'compromised' by a cyber malware attack infecting some ATM systems

Promising swift action on the debit card data compromise issue, Economic Affairs Secretary Shaktikanta Das said on Friday that there is no need to panic over the feared security breach that has affected over 32 lakh cards.

The government, he said, has sought a detailed inquiry report into the issue and appropriate action will be taken once it is received.

"Customers should not panic because these hackings are done through computer and trail can easily be reached. They should not be alarmed. Whatever action has to be taken, it will be done with speed," Das said on the sidelines of an event at New Delhi.

In the biggest-ever security breach affecting the Indian banking sector, 32 lakh debit cards of various public and private sector banks are feared to have been 'compromised' by cyber malware attack in some ATM systems.

Several banks, including state-owned SBI, have recalled a number of cards, while many others blocked the ones suspected to have been compromised and asked their customers to change PIN (personal identification number) before use.

Fraudulent withdrawals have been reported from 19 banks so far, while complaints have been received from a few banks that their customers' cards were used fraudulently abroad, mainly in China and the US when their customers were still in India.

On October 20, G C Murmu, the Additional Secretary at the department of financial services, said that only 0.5 per cent of the total debit card details were compromised while the remaining 99.5 per cent cards were completely safe.

There are around 60 crore debit cards operational in India, of which 19 crore are indigenously developed by RuPay and the rest are Visa and Master Card-enabled.

"Since the data compromise took place from specific machines within a particular time period, it is just a limited issue and banks have asked their affected customers to replace their card or change their PIN," Murmu had said, adding that other cards are not affected at all.

The ubmrella body of all retail payments system in India, the National Payments Corporation of India (NPCI), had said yesterday that all affected banks have been alerted by card networks.

Of the 32 lakh cards affected due to the malware function, 6,00,000 were RuPay enabled ones.

Complaints of fraudulent withdrawals have come from 641 customers and the total amount involved is Rs 1.3 crore as reported by various affected banks, NPCI said in a statement.