In what comes as a shocker, data of millions of State Bank of India customers was leaked! A TechCrunch media report claims that SBI failed to protect financial credentials of its customers. This comes as a cause of concern to not only SBI but its bank account holders, considering it caters to a wide population in India. This government-owned lender is the largest bank in the country, and is referred as ‘Too Big To Fail’ by RBI.
The report claims that a Mumbai-based data centre had stored two months of customers bank account data from SBI Quick which is a text message and called-based system. It said that SBI did not protected the server with a password, and hackers have used this gateway as their mean to hack millions of bank accounts the lender holds.
As per the report, it was not known for how long the server was kept open without a password, but long enough for anyone to access it.
With this, the unanimous entities or individuals have hacked customers phone number, address, account numbers, balance transactions details among others. For your information, cracking a phone number and account details is more than enough to snatch your money from bank account. The SBI Quick is a SMS and cell based service, hence, they can request your balance information and follow a transaction easily.
Cybersecurity expert Robert Hannigan, formerly the head of GCHQ in a recent McKinsey Podcast in regards to How Organisations can thwart Cyberattacks, said, “If you look at the two big trends, the rise in volume of attacks and the rise in sophistication, they are both alarming. On volume, particularly of crime, there were something like 317 million new pieces of malicious code, or malware, [in 2016]. That’s nearly a million a day, so that’s pretty alarming.”
Hannigan explans that, on the sophistication, we’ve seen, particularly, states behaving in an aggressive way and using very sophisticated state capabilities and that bleeding into sophisticated criminal groups.
While SBI is yet to shed some clarity on this new appalling development, as a customer one should adopt a precautionary method to protect their money and bank account.
Generally, if a bank account has been hacked using your debit card, phone number, user name, password or PIN, one should expect a bank to bear the burden. However, this is a long process, most cases you will not recover the entire amount or none to be accurate.
Considering this was a server based hacking, what you need to do is first remember every internet source where you have accessed your financial credentials. This can be your laptop, computer, office PC, mobile phone, etc.
Scan and clean your internet access device and add an antivirus. This will help get rid of rootkit or keylogger.
If you have received a message about an unauthorised transaction, then immediately contact your bank and block your debit card, credit card even account for some period.
One of the safest way is to immediately reset your password, pin, security question and answers.
Also, verify your contact details such as address, phone number.
RBI has given guidelines for reporting an unauthorised transactions. In the central bank’s case, when such situation derives, then there is zero liability on the head of customers if they report the matter within 3 days time to the bank, which the latter have to bear. If there is delay in reporting, then customer falls under to bear some burden.
If the transaction is massive, then not only report to your bank but also file a complaint with a nearby police station.
To make sure there is no such scenario again in future, some methods can be followed. For instance, create a very strong password having a mix of caption alphabet, small alphabets, key signs and numbers. Do not keep your password relating to your birth date, mobile number, friends or spouse or family names – these are easily accessible.
Make sure to have a two-way authentication process. For instance, when an unknown person logs into your account via separate computer and laptop, then you will receive a message for access. Make sure you request this procedure through both email address and mobile number, hence, you will be aware about any suspicious transaction.
Most likely, try using a one medium for carrying out any transactions. For instance, your banking app trying avoiding too many portals and accessing your account.
Be vigilant enough to check your bank balance, credit score, transactions in your bank account frequently in a month.
Thereby, if you are an SBI customer or any other bank account holder, remember the above mentioned steps to secure your money from hackers. It is rather be wise, then cry over loss!