At least 300 small local banks were forced to temporarily shut down their payment systems due to a ransomware attack on a technology service provider. According to sources, the National Payment Corporation of India is performing an audit to make sure the attack doesn't spread.
C-Edge Technologies, a provider of banking technology systems to small banks throughout India, was reportedly impacted by the attack.
In a late-evening statement, the National Payments Corporation of India (NPCI) stated that 'C-Edge Technologies may have been affected by a ransomware attack impacting a few of their systems' and that it was necessary to temporarily prevent C-Edge from using the retail payment systems run by NPCI.
Along with C-Edge Technologies, restoration work is being done on a war footing, and the required security review is underway.
Netizens reaction
X user (previously called Twitter): 'Please bring more strict data privacy and protection laws and force companies to get regular security audits, and also ensure a hefty fine is imposed if the company fails to do so. Also, make it mandatory for such a critical service to have in house cybersecurity teams and funds.'
Another X user, Alphonsokurukuchu the first, @Jaeger7877, said, Is there a list of banks that use C-Edge, to which NPCI @NPCI_NPCI replied Hi, thanks for writing in. We shall revert shortly.
Customers of cooperative banks and regional rural banks that rely on C-Edge, a joint venture between SBI and TCS, were affected, according to officials, who also noted that other banking services were operating as usual.
They stated that the problems have been present for the past two days following the identification of a security breach at C-Edge and that in order to safeguard the wider payments system, appropriate measures had to be implemented, beginning with the isolating of the C-Edge system.
