Mumbai: The National Payments Council of India (NPCI) on Wednesday blamed the Cosmos Bank’s “own IT environment” for the unprecedented cyber loot which left the Pune-based bank poorer by Rs 94.42 crore.
In a statement, the NPCI’s Head Risk Management, Bharat Panchal, said “the NPCI’s systems are fully secure and this particular issue has occurred within the (Cosmos Bank’s) own IT environment. “This has happened due to malware-based attack on the bank’s IT system which has caused a fraud. Under the attack, maximum transactions have been reported from outside India,” Panchal pointed out.
He reiterated that the systems of NCPI – the umbrella organisation for operating retail payments and settlement systems in India – were absolutely secure and it was continuously monitoring the situation arising out of the Cosmos Bank episode.
The Indian banking industry went in shudders on Tuesday after the Cosmos Bank admitted that it fell victim to an international group of hackers who siphoned off a total of Rs 94.24 crore in two cyber attacks on August 11 and August 13.
In the first cyber hit, the bank lost Rs 80.50 crore through multiple ATM swipes in 28 countries. In the second malware assault, the hackers gobbled up Rs 13.92 crore by initiating SWIFT transfers. Kale said that after the malware attack on the critical communication system between various payment gateways was hacked, the hackers’ gangs were informed simultaneously in 28 countries and they immediately started the withdrawals.
Pending investigations, the country’s second oldest and second largest cooperative bank (in terms of deposits and advances) has now shut all ATMs across the country for two days till Thursday to prevent any further incidents. Banking experts and industry players fear this could be a ‘pilot run’ unless the authorities take it seriously.
The consolation was the Cosmos Bank Chairman Milind A. Kale’s statement that none of the bank’s 20 lakh customer accounts have been affected nor would they bear any loss.