A day after reports surfaced that nearly 10,000 credit or debit card holders of Punjab National Bank (PNB) were affected by a data breach, the cyber security firm that detected the breach on Friday said it is now the responsibility of the bank to validate and take necessary actions.CloudSek Information Security, a company registered in Singapore that also has its office in Bengaluru, gave a detailed account of how they spotted the data breach and its communication with PNB."On 20th Feb, we identified a listing that claimed to have multiple cards that belonged to PNB that were put up for sale on a DarkWeb site. We immediately tried reaching out to PNB using the cybercrime contact emails that were listed on their website. But that email bounced," CloudSek Chief Technical Officer Rahul Sasi said in a statement. "On 21st, Feb, 8.10 PM we were able to reach to PNB officials via a third party source. The PNB officials were quick to respond as we got a call back the same day 10.00 PM from PNB security officials. We provided them a detailed report about the leaked data," he added."On 22nd, Feb, 1.10 we provided them with a more detailed report. And the officials ensured swift action," Sasi further said.
The data available for sale includes names, expiry dates, Personal Identification Numbers and Card Verification Values.A report in Hong Kong-based English language news website Asia Times, however, claimed on Thursday that PNB's Chief Information Security Officer T.D. Virwani has confirmed that the bank was working with the government to contain the fallout from the data breach. According to Sasi, at this stage, CloudSEK has no method to ensure if a listed data is authentic or not. "Nor we do not put any effort to validate that data. It is the responsibility of the bank to validate and take necessary actions," he noted. Dark Web is an unexplored portion of the Internet which is not generally found on Google searches. The Dark Web hosts many underground services such as Hacking as a Service, insider information for sale, sensitive account information like Bank credentials and much more."Many a time, credit card sellers try to dupe their customers by sandwiching a few valid credit card data between hundreds of fake data," Sasi said.CloudSEK said no other bank has been affected in this data breach."We at CloudSEK maintain a unique hash related to the different data leaks for the past 2 years, and this hash helps us identify old/invalid leaks. This is how we have come to the conclusion that only one bank had unresolved leaks that are yet to be fixed," Sasi stressed.PNB is already reeling under a multi-crore-rupee financial fraud by two fugitive luxury jewellers.