Researchers have recently found that the ICICI Bank systems misconfiguration caused data leakage, exposing more than 3.6 million customers’ sensitive data.
ICICI Bank, a multinational Indian bank, operates in 15+ countries worldwide and boasts a market value exceeding $76 billion with 5,000+ branches across India.
The Indian government declared ICICI Bank’s resources as “critical information infrastructure” in 2022, signifying that any harm may have severe implications on national security.
Threat actors target financial services and organizations more frequently than other sectors. And in this case, if they managed to gain complete access to the leaked data, it could damage both the bank and its customers.
ICICI Bank’s sensitive data and its clients’ information were exposed when the Cybernews research team found a misconfigured and publicly accessible Digital Ocean bucket with over 3.6 million files on February 1.
Here below, we have mentioned the types of data leaked:-
In addition to leaking bank statements and filled-in KYC forms, the bucket exposed clients’ passports, IDs, and Indian PANs (taxpayer identification numbers).
In the storage, CVs of current employees of the bank, as well as job applicants, were found. This is another indication that the leak also affected staff at the bank.
The impact of the leak is expected to be severe due to the massive amount of personal data is leaked, which can potentially damage:-
According to the report, Leaked data could enable threat actors to engage in identity theft and fraud, such as creating accounts in individuals’ names without their knowledge using stolen credentials and personal information.
Not only that, even as a result, spear phishing campaigns may target employees, businesses, and individuals whose data has been exposed, putting them at risk.
Also, selling data on the dark web is a potential risk, and ICICI Bank could also become a target of ransomware attacks.
After identifying the issue, the security researchers immediately contacted the following entities in an attempt to report this loophole:-
As soon as they reported the issue to ICICI Bank, they acted immediately, and on March 30, they restricted all public access to their Digital Ocean bucket.
When security experts at Cybernews tried to get an official comment from the communication team of the ICICI Bank, they received the following reply via email from the bank:-
“Thanks for your email. With regards to it, we do not know which incident you are referring to.”
Later when they tried to establish their communication with the bank’s Corporate Communications Team, they rejected the email sent by a Cybernews journalist.
Here below, we have mentioned all the recommendations that the security analysts provide:-
The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS devices.…
White House National Cyber Director, CEOs, Key Financial Services Companies, Congressional and Executive Branch Experts…
Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan exploits…
The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on organizations…
Google has updated its Chrome browser, addressing critical vulnerabilities that posed potential risks to millions…
WrnRAT is a new malware attack that cybercriminals have deployed by using popular gambling games…