A relatively unknown ransomware group named Bashe, potentially linked to the infamous LockBit gang, has launched a cyberattack on ICICI Bank, a major Indian financial institution with a global presence. According to reports, the group managed to breach the bank’s systems, stealing a portion of its data, which is now reportedly up for sale on the dark web.

Bashe, notorious for its aggressive tactics, typically gives victims a mere 48-hour deadline to comply with its demands. In this case, the group has set a deadline of January 24, 2025, after which it threatens to release the stolen data online.

ICICI Bank, which began as a private entity nearly two decades ago, now operates under regulations set by the Reserve Bank of India (RBI). It was a pioneer in introducing private banking services to Indian customers, a model later adopted by other national banks like the State Bank of India (SBI). This longstanding reputation has earned the bank a significant customer base, both in India and among non-resident Indians (NRIs) worldwide.

The news of a potential ransomware attack has raised serious concerns, especially among Indian consumers, both at home and abroad, as the bank offers convenient mobile banking services for its global clientele. The fear of sensitive data being exposed has amplified anxieties within the banking community.

Bashe is known for targeting key sectors such as healthcare, logistics, technology, and banking in countries like the United States, the UK, France, Germany, and Australia. Previous investigations have linked the group to servers in the Czech Republic, a country that has become a haven for cybercriminals, although there is no direct evidence linking the Czech government to these criminal activities. However, the group’s operations remain difficult to trace, and investigations are ongoing.

ICICI Bank has yet to comment on the data breach allegations, as its incident response team is currently investigating the matter.

A History of Data Security Issues

This isn’t the first time ICICI Bank has been involved in a data security controversy. In 2023, the bank faced criticism for storing sensitive customer information on poorly secured servers, leading to a data leak that exposed phone numbers, emails, personal identification documents, CVs, home addresses, credit card details, and account information.

The post Bashe Ransomware strikes ICICI Bank appeared first on Cybersecurity Insiders.

ICICI Bank, an Indian bank with a business presence in over 15 countries, has become the victim of a data breach that leaked the information of more than 3.8 million (38 lakh) customers. The banking giant says that the news of the data breach is false, as its preliminary inquiries have revealed that the information available on the web is fake and doesn’t belong to its customers.

However, the multinational Indian bank is still investigating the incident and may take at least 48 hours to offer confirmed details on the customer info leak.

According to sources reporting to Cybersecurity Insiders, the hackers accessed the information by exploiting a misconfigured cloud data bucket that had critical information stored on it. The information accessed via the misconfigured DigitalOcean bucket includes bank account transaction details, credit card numbers, bank statements, full names, DOBs, home addresses, contact details, email addresses, PII docs, and employee CVs.

Passport numbers, driving license details, and PAN details belonging to some of the customers were also fraudulently accessed by the hackers.

Unconfirmed sources state that the fraudulent access began on February 1st of this year, and that Know-Your-Customer (KYC) data was also compromised in the incident. As soon as the Indian CERT team alerted the bank staff, they blocked the hackers’ access immediately and took appropriate measures to avoid such blunders in the future.

The ICICI Bank data leak seems to be critical as it can expose customers and staff to spear-phishing attacks.

NOTE: Around 15-18 years ago, ICICI Bank revolutionized the Indian banking sector by introducing online banking services. This led banking customers in the Indian subcontinent to compare its services with those of the government-run banks, which were later forced to introduce similar services that were never on par with what ICICI Bank offered at the time. Gradually, things improved, and since 2016, all government banks started matching the online and phone banking services of ICICI Bank, after which it was forced to abide by the rules of the RBI for various reasons.

The post Indian ICICI Bank data breach exposes 3.8 million customer information appeared first on Cybersecurity Insiders.