How a virus sabotaged the Indian Debit card arena


Sometime between May and July, an unknown number of ATMs and point of sale (PoS) machines were affected by an unknown malicious virus.

It is feared that approximately 3.2 million debit cards are compromised in recent menace.

Of the debit cards affected, 2.6 million are on Visa and MasterCard platforms, while 600,000 are on the RuPay platform. The worst-hit of the card-issuing banks are State Bank of India, HDFC Bank, ICICI Bank, Yes Bank and Axis Bank.

A virus infection at Hitachi Payments Services led to this issue. Hitachi is one of the companies that operate ATMs in India. The compromised debit cards were used in ATMs that are suspected to have exposed details of the cards to the malware.

Hitachi is a whitelabel ATM service provider, managing the YES bank ATMs and pos machines. Most probably those cards which were used in YES bank ATMs got affected.

According to a Mint report, 90 Yes Bank ATMs and point of sale (PoS) terminals were targeted by malware, resulting in data of customers of banks including State Bank of India, ICICI Bank Ltd, HDFC Bank Ltd and Yes Bank being stolen by hackers.

It is still not clear what types of data were stolen. Whether it is just pins or Name, Date of Birth, etc. Names and date of birth of customers is a major data breach and can be misused widely,