ICICI Bank, one of India's leading financial institutions, has taken swift action after the credit card data of at least 17,000 new customers was exposed and accessed by unauthorised individuals. In response to this breach, the bank has announced the immediate blocking of these compromised cards and is issuing new ones to affected customers.
The alarming revelation came to light after concerned ICICI Bank customers took to social media to express their apprehensions regarding the security of the bank's iMobile Pay app. Users reported that sensitive credit card information, including full card numbers and card verification values (CVV), had been inexplicably visible within the app.
Reports surfaced on the finance-related forum, Technofino, where users detailed instances of encountering complete card details belonging to unknown individuals while using the iMobile Pay app. This breach raised significant concerns about the security protocols implemented by ICICI Bank to safeguard customer data.
An ICICI Bank spokesperson acknowledged the incident, stating that approximately 17,000 new credit cards issued in recent days had been mistakenly linked to incorrect users within the bank's digital channels. Despite this lapse, the spokesperson assured customers that no instances of misuse had been reported thus far. Additionally, the bank pledged to provide appropriate compensation for any financial losses incurred by affected customers.
The number of compromised credit cards represents a fraction, approximately 0.1 per cent, of ICICI Bank's extensive credit card portfolio. As a precautionary measure, the bank has swiftly invalidated these compromised cards and initiated the issuance of replacements to affected customers.
Expressing regret over the inconvenience caused, the ICICI Bank spokesperson reiterated the institution's commitment to ensuring the security and privacy of its customers' financial information.
Sachhin Gajjaer, CEO and Founder, Sattrix India commented, "To address these escalating threats, organisations in the BFSI and Fintech sectors must prioritise cybersecurity as a fundamental aspect of their operations. Implementing comprehensive measures such as robust encryption protocols, regular security audits, and stringent access controls is imperative to safeguarding critical data assets. Additionally, fostering a culture of cybersecurity awareness through employee training initiatives can empower staff to recognise and mitigate potential threats effectively. Collaborative efforts with industry peers and regulatory bodies are also essential to sharing threat intelligence and adopting best practices to stay ahead of evolving cyber threats. By adopting a proactive and collaborative approach, Indian enterprises can mitigate the risks posed by cyber-attacks and safeguard the integrity of their operations and customer trust in an increasingly digitised landscape."