NPCI reestablishes connectivity with C-Edge following ransomware attack

The National Payments Corporation of India (NPCI) on Thursday said that it has reestablished connectivity with C-Edge Technologies following a security review by an independent forensic auditing firm, which confirmed that the attack was contained by isolating the impacted systems to prevent further spread.

Further, necessary security reviews and scans have been conducted by the auditor to ensure that the rest of the infrastructure is clean, NPCI said, adding that the impact of the ransomware attack was limited to C-Edge systems hosted in their data centre and not on any of the cooperative banks or regional rural banks’ own infrastructure.

Additionally, it stated that services of cooperative banks and regional rural banks who are not dependent on C-Edge have now been restored. As a result, these banks will be able to offer a full range of services seamlessly to their customers.

C-Edge, a joint venture between State Bank of India (SBI) and Tata Consultancy Services (TCS), is a technology service provider that offers services to cooperative and regional rural banks.

On July 31, NPCI had announced that C-Edge had been affected by a ransomware attack, which impacted a few of their systems. In response, NPCI temporarily isolated C-Edge from accessing the retail payment systems it operates. Consequently, customers experienced difficulties accessing payment systems during this isolation period. Over 100 small banks were reportedly disconnected from NPCI’s network to prevent a broader impact.