Saturday, April 13, 2024

ICICI Bank Data Leak – Millions of Customers’ Sensitive Data Exposed

Researchers have recently found that the ICICI Bank systems misconfiguration caused data leakage, exposing more than 3.6 million customers’ sensitive data.

ICICI Bank, a multinational Indian bank, operates in 15+ countries worldwide and boasts a market value exceeding $76 billion with 5,000+ branches across India.

The Indian government declared ICICI Bank’s resources as “critical information infrastructure” in 2022, signifying that any harm may have severe implications on national security.

Data Leak

Threat actors target financial services and organizations more frequently than other sectors. And in this case, if they managed to gain complete access to the leaked data, it could damage both the bank and its customers.

ICICI Bank’s sensitive data and its clients’ information were exposed when the Cybernews research team found a misconfigured and publicly accessible Digital Ocean bucket with over 3.6 million files on February 1.

Here below, we have mentioned the types of data leaked:-

  • Bank account details
  • Credit card numbers
  • Full names
  • Dates of birth
  • Home addresses
  • Phone numbers
  • Emails

In addition to leaking bank statements and filled-in KYC forms, the bucket exposed clients’ passports, IDs, and Indian PANs (taxpayer identification numbers).

In the storage, CVs of current employees of the bank, as well as job applicants, were found. This is another indication that the leak also affected staff at the bank.

The impact of the leak is expected to be severe due to the massive amount of personal data is leaked, which can potentially damage:-

  • Reputation of the bank
  • Expose internal processes of the bank
  • Compromise the safety and security of clients’ sensitive data
  • Compromise the safety and security of employees’ sensitive data

According to the report, Leaked data could enable threat actors to engage in identity theft and fraud, such as creating accounts in individuals’ names without their knowledge using stolen credentials and personal information.

Not only that, even as a result, spear phishing campaigns may target employees, businesses, and individuals whose data has been exposed, putting them at risk.

Also, selling data on the dark web is a potential risk, and ICICI Bank could also become a target of ransomware attacks.

Company’s Response

After identifying the issue, the security researchers immediately contacted the following entities in an attempt to report this loophole:-

  • ICICI Bank
  • Indian Computer Emergency Response Team (CERT-IN)

As soon as they reported the issue to ICICI Bank, they acted immediately, and on March 30, they restricted all public access to their Digital Ocean bucket.

When security experts at Cybernews tried to get an official comment from the communication team of the ICICI Bank, they received the following reply via email from the bank:-

“Thanks for your email. With regards to it, we do not know which incident you are referring to.”

Later when they tried to establish their communication with the bank’s Corporate Communications Team, they rejected the email sent by a Cybernews journalist.

Recommendations

Here below, we have mentioned all the recommendations that the security analysts provide:-

  • It is recommended that cloud storage buckets be secured as much as possible to prevent such data leaks.
  • ICICI Bank must notify its customers of the data leak so they can minimize the risk and further damage that may occur.
  • Bank should directly guide all its users to report any suspicious activity immediately to ICICI Bank to identify and avoid fraudulent emails, websites, and calls.
  • Passwords must be changed, and vital login details should be created for those affected.
  • Make sure to enable 2-Factor authentication.

Follow us on LinkedIn & Twitter for Daily Cyber Security News Updates.

Website

Latest articles

Alert! Palo Alto RCE Zero-day Vulnerability Actively Exploited in the Wild

In a recent security bulletin, Palo Alto Networks disclosed a critical vulnerability in its...

6-year-old Lighttpd Flaw Impacts Intel And Lenovo Servers

The software supply chain is filled with various challenges, such as untracked security vulnerabilities...

Hackers Employ Deepfake Technology To Impersonate as LastPass CEO

A LastPass employee recently became the target of an attempted fraud involving sophisticated audio...

Sisence Data Breach, CISA Urges To Reset Login Credentials

In response to a recent data breach at Sisense, a provider of data analytics...

DuckDuckGo Launches Privacy Pro: 3-in-1 service With VPN

DuckDuckGo has launched Privacy Pro, a new subscription service that promises to enhance user...

Cyber Attack Surge by 28%:Education Sector at High Risk

In Q1 2024, Check Point Research (CPR) witnessed a notable increase in the average...

Midnight Blizzard’s Microsoft Corporate Email Hack Threatens Federal Agencies: CISA Warns

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive concerning a...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Top 3 SME Attack Vectors

Securing the Top 3 SME Attack Vectors

Cybercriminals are laying siege to small-to-medium enterprises (SMEs) across sectors. 73% of SMEs know they were breached in 2023. The real rate could be closer to 100%.

  • Stolen credentials
  • Phishing
  • Exploitation of vulnerabilities

Related Articles