Monday, November 22, 2021

PNB data breach: Bank denies claims, issues a four-point clarification note


Punjab National Bank (PNB)
has denied claims made in a cyber security firm's report that the personal data of the bank's millions of customers was breached due to a loophole in its system.

According to the report by the cyber security firm Cyberx9, a vulnerability in the server of PNB allegedly exposed the personal and financial information of its about 180 million customers for about seven months. CyberX9 has claimed that the vulnerability provided access to the entire digital banking system of PNB with administrative control.

Meanwhile, the bank has confirmed the glitch but denied any exposure of critical data due to the vulnerability.

1) We have thoroughly checked our ICT systems those on Internet-facing and operating in the background at PNB. There has been no breach of systems and pilferage of any personal data of any of our customers and account holders of PNB. 

2) It is an established fact that hackers regularly attempt to penetrate every and all Internet-facing systems anywhere in the world. PNB has implemented stringent security controls in all our ICT systems. The reported attempt of the perpetrator was monitored and checked. All our critical ICT systems dealing with banking transactions are kept in a secure zone, called DM zone with multiple layers of protection. 

3) Bank has deployed Data leak prevention solutions that prevent any unauthorized data to be sent through emails. The said zone does not permit unauthorised access to anyone including internal staff. The ICT systems are monitored round the clock by competent staff at the security operation centre. The data at rest and transit are encrypted using proprietary algorithms. 


Source: Livemint

No comments:

Post a Comment

Popular Posts