RuPay
A RuPay sign is seen on the door of an automated teller machine (ATM) while a user is seen, at a commercial building in Mumbai September 11, 2014.Reuters

Indian banks are likely to replace or re-issue as many as 3.2 million debit cards following a suspicious malware-related security breach in the ATM network, which could result in financial data of card holders being compromised.

In what is touted to be the biggest card replacement exercise in the Indian banking sector, the debit cards will be issued afresh.

The worst-hit banks are State Bank of India (SBI), HDFC Bank, ICICI Bank, YES Bank and Axis Bank. According to reports, the breach is said to have occurred in systems of Hitachi Payment Services, which enables hackers to steal information.

Some people have reported unauthorised usage from China.

A forensic audit has now been ordered by the Payments Council of India (NPCI). "We have received complaints from banks about debit cards being used in China, which arouse suspicion. Though most of the suspected fraudulent transactions happened in the Visa and MasterCard network, we thought a whole forensic audit of the entire network will help us find out where the compromise happened," AP Hota, NPCI Managing Director was quoted as saying by the Economic Times.

In a statement, HDFC has said it has taken action in the matter a few weeks back. "Besides advising those customers who we know have used a non-HDFC Bank ATM in the recent past to change (their) ATM PIN, we are advising our customers to use only HDFC Bank ATMs as we believe security controls at some of the other bank ATMs may not be at par with HDFC Bank ATMs."

SBI to re-issue 6 lakh debit cards

SBI, along with its subsidiary banks, blocked 6.52 lakh debit cards of its customers following a suspicious malware-related security breach in the ATM network. It has said that it would re-issue the debit cards to its customers.

"It is a security breach, but not in our banks' systems. Many other banks also have this breach —right now and since a long time. A few ATMs have been affected by malware. When people use their card on infected switches or ATMs, there is a high probability that their data will be compromised," Shiv Kumar Bhasin, SBI's chief technology officer, was quoted as saying by publications.

Also Read