Wednesday, May 14, 2025
HomeData BreachICICI Bank Data Leak - Millions of Customers' Sensitive Data Exposed

ICICI Bank Data Leak – Millions of Customers’ Sensitive Data Exposed

Published on

SIEM as a Service

Follow Us on Google News

Researchers have recently found that the ICICI Bank systems misconfiguration caused data leakage, exposing more than 3.6 million customers’ sensitive data.

ICICI Bank, a multinational Indian bank, operates in 15+ countries worldwide and boasts a market value exceeding $76 billion with 5,000+ branches across India.

The Indian government declared ICICI Bank’s resources as “critical information infrastructure” in 2022, signifying that any harm may have severe implications on national security.

- Advertisement - Google News

Data Leak

Threat actors target financial services and organizations more frequently than other sectors. And in this case, if they managed to gain complete access to the leaked data, it could damage both the bank and its customers.

ICICI Bank’s sensitive data and its clients’ information were exposed when the Cybernews research team found a misconfigured and publicly accessible Digital Ocean bucket with over 3.6 million files on February 1.

Here below, we have mentioned the types of data leaked:-

  • Bank account details
  • Credit card numbers
  • Full names
  • Dates of birth
  • Home addresses
  • Phone numbers
  • Emails

In addition to leaking bank statements and filled-in KYC forms, the bucket exposed clients’ passports, IDs, and Indian PANs (taxpayer identification numbers).

In the storage, CVs of current employees of the bank, as well as job applicants, were found. This is another indication that the leak also affected staff at the bank.

The impact of the leak is expected to be severe due to the massive amount of personal data is leaked, which can potentially damage:-

  • Reputation of the bank
  • Expose internal processes of the bank
  • Compromise the safety and security of clients’ sensitive data
  • Compromise the safety and security of employees’ sensitive data

According to the report, Leaked data could enable threat actors to engage in identity theft and fraud, such as creating accounts in individuals’ names without their knowledge using stolen credentials and personal information.

Not only that, even as a result, spear phishing campaigns may target employees, businesses, and individuals whose data has been exposed, putting them at risk.

Also, selling data on the dark web is a potential risk, and ICICI Bank could also become a target of ransomware attacks.

Company’s Response

After identifying the issue, the security researchers immediately contacted the following entities in an attempt to report this loophole:-

  • ICICI Bank
  • Indian Computer Emergency Response Team (CERT-IN)

As soon as they reported the issue to ICICI Bank, they acted immediately, and on March 30, they restricted all public access to their Digital Ocean bucket.

When security experts at Cybernews tried to get an official comment from the communication team of the ICICI Bank, they received the following reply via email from the bank:-

“Thanks for your email. With regards to it, we do not know which incident you are referring to.”

Later when they tried to establish their communication with the bank’s Corporate Communications Team, they rejected the email sent by a Cybernews journalist.

Recommendations

Here below, we have mentioned all the recommendations that the security analysts provide:-

  • It is recommended that cloud storage buckets be secured as much as possible to prevent such data leaks.
  • ICICI Bank must notify its customers of the data leak so they can minimize the risk and further damage that may occur.
  • Bank should directly guide all its users to report any suspicious activity immediately to ICICI Bank to identify and avoid fraudulent emails, websites, and calls.
  • Passwords must be changed, and vital login details should be created for those affected.
  • Make sure to enable 2-Factor authentication.

Follow us on LinkedIn & Twitter for Daily Cyber Security News Updates.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Threat Actors Leverage Weaponized HTML Files to Deliver Horabot Malware

A recent discovery by FortiGuard Labs has unveiled a cunning phishing campaign orchestrated by...

TA406 Hackers Target Government Entities to Steal Login Credentials

The North Korean state-sponsored threat actor TA406, also tracked as Opal Sleet and Konni,...

Google Threat Intelligence Releases Actionable Threat Hunting Technique for Malicious .desktop Files

Google Threat Intelligence has unveiled a series of sophisticated threat hunting techniques to detect...

New Adobe Photoshop Vulnerability Enables Arbitrary Code Execution

Adobe has released critical security updates addressing three high-severity vulnerabilities (CVE-2025-30324, CVE-2025-30325, CVE-2025-30326) in...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Marks & Spencer Confirms Customer Data Breach in Recent Cyber Attack

British retail giant Marks & Spencer has officially confirmed that customer personal data was...

Repeated Firmware Key-Management Failures Undermine Intel Boot Guard and UEFI Secure Boot

The security of fundamental technologies like Intel Boot Guard and UEFI Secure Boot has...

Cyberattackers Targeting IT Help Desks for Initial Breach

Cybercriminals are increasingly impersonating IT support personnel and trusted authorities to manipulate victims into...