debit cards icici bank security data breach banks read npci sbi india cyber fraud
ATMs that have not been working since the announcement of the demonetisation of Rs 500 and Rs 1,000 currency notes have added to the troubles of the general public who have been forced to stand in long queues to withdraw money.Reuters file

In the wake of the massive breach of security that potentially compromised data of 3.2 million debit card holders of Indian banks spread across networks of RuPay, Mastercard and Visa, private sector lender ICICI Bank has come up with a list of precautionary measures for its customers.

In a communication sent on Thursday night, the bank said it has changed the ATM PINs of those customers who were perceived as potentially affected by the security breach.

"...we would like to assure you that ICICI Bank has already taken precautionary measures to change the ATM PIN of customers who were identified to be at risk," the communication read, while reassuring other customers.

"If you have not received any communication from ICICI Bank to change your ATM PIN, you can be sure that your debit card is not at risk."

In a related statement on Thursday, the National Payments Corporation of India (NPCI) said the data compromise involved 641 customers of 19 Indian banks, resulting in fraudulent withdrawals of Rs 1.30 crore. 

"All affected banks have been alerted by all card networks that a total card base of about 3.2 million could have been possibly compromised. Out of this 0.6 million are RuPay cards," it said in the statement.

The umbrella organisation for all retail payments systems in India explained how the breach was detected. 

"The genesis of problem was receipt of complaints from few banks that their customer's cards were used fraudulently mainly in China and USA while customers were in India. Apprehending that this could be a case of card data compromise, all the ATMs / PoS terminals in India and three card networks – RuPay, Visa and MasterCard worked in a collaborative manner in the month of September 2016."

Here are the dos and don'ts issued by ICICI Bank to its customers:

Do change your ATM PIN once in 3 to 6 months.

Do not share your ATM PIN with anyone.

Report lost or stolen cards immediately.

NEVER SHARE your Card number, CVV, PIN, OTP, Expiry date or URN with anyone, even if the person claims to be a bank employee. Sharing these details can lead to unauthorised access to your account.

Never keep your Card and PIN together or write your PIN on the card.

Transact online only at reputed and known online merchants.