No FIR in security breach of 32 lakh debit cards raises questions on India’s digital economy


In October last year, it was sensationally revealed that more than 32 lakh debit cards of customers had been blocked or recalled by banks to prevent them from falling prey to any financial fraud after a major security breach at a payment services provider that manages ATM network of a private sector bank.

32 lakh debit cards

While some of the banks like SBI recalled around six lakh cards, others like Bank of Baroda, IDBI Bank, Central Bank and Andhra Bank have replaced their affected debit cards as a pre-emptive measure.

Some of the lenders like ICICI Bank, HDFC Bank and Yes Bank too asked customers to change their ATM pin numbers.

HDFC Bank, for its part, advised its customers to use its own ATMs for carrying out any transaction.

The suspected security breach happened through a malware in the systems of Hitachi Payments Services, which serves YES Bank.

Hitachi provides payment services through ATM services, point of sale services (POS), emerging payments services and banking channel products like cash recycling ATMs and auto passbook entry machines.

This was a sensational security breach under a government, which has vowed to promote digital economy.

However, even more alarming is the new revelation that there has been no FIR in this astonishing security breach of more than 30 lakh debit cards.

An RTI reply by the government of India has revealed that no FIRs have been registered in the matter.

The RTI, reply, obtained by activist Neeraj Sharma, said that a forensic investigation was carried out by the ATM service provider ‘M/S Hitachi’ and the finding was later submitted to the RBI.

“However, the same (report submitted to the RBI) cannot be disclosed.. since the disclosure of the same would adversely affect the economic interest of the state.”

In response another question in the RTI request, the central government also informed that a total ‘loss of Rs 14.96 rores was reported to RBI as a result of successful attempts of misuse of compromised cards numbering 3291.’

The Delhi-based RTI activist Sharma told Janta Ka Reporter, “Digital India without Digital security is not good for India. The government should not push people towards digital transaction without safety measures.

He said, “This RTI reply also revealed that RBI doesn’t have their own digital forensic experts, who can do a thorough investigation. RBI is dependent on private firms on forensic investigation.  The government should take immediate steps to catch the responsible people and prosecute them. The government should also ensure that these incidents are not repeated in future.”




Please enter your comment!
Please enter your name here