Information of thousands of customers is likely to be affected in the data breach related to the multi-currency forex cards of Yes Bank and BookMyForex. RBI has sought a detailed report from the bank and has started an investigation into the security lapses.
Business News: After IDFC First Bank, now a big problem related to Yes Bank has come to light. The data breach involving the multi-currency Forex cards of Yes Bank and BookMyForex has raised questions about the security of millions of customers. According to reports, card details and even CVV numbers of many customers were hacked. Considering the seriousness of the matter, the Reserve Bank of India has summoned senior officials of the bank and sought detailed information.
Which card is the matter related to?
This data breach is related to Yes Bank-BookMyForex Multi-Currency Forex Card. This card is commonly used by customers traveling abroad, in which different currencies can be loaded.
After the matter came to light, concerns have increased that if sensitive information like card details and CVV is leaked, it could pose a direct threat to customer accounts. CVV is a three-digit security code which is required during online transactions.
Initial information about data leak
According to media reports, on February 24, suspicious fraudulent transactions involving 15 merchants were found in a Latin American country. These transactions are said to be related to around 5,000 customers.
Transactions worth around Rs 2.54 crore were approved, while 688 unauthorized transaction attempts worth around Rs 90 lakh were blocked. These figures show that the issue is not small and a large number of customers may be affected.
However, it is not yet clear how many customers’ data has been leaked and how many cards have been completely compromised.
RBI asked for detailed report
Reserve Bank of India has asked many important questions to Yes Bank. The regulator wants to know how the system was breached, which security layers failed and how much sensitive data was leaked.
RBI has also asked how sensitive data like CVV was stored and protected. Were encryption standards and security protocols followed? Why existing cyber controls fail to prevent exposures.
Apart from this, questions have also been raised on the timeline of detection and reporting, third-party risk management and strength of oversight. The regulator wants to ensure that such incidents do not happen again in future.
What was said by the bank
Yes Bank has not officially shared much information, but has said that internal investigation revealed fraudulent transactions involving foreign merchants. The bank is now starting the chargeback process in collaboration with the card networks so that the affected customers do not suffer any financial loss.
BookMyForex clarifies that it does not store sensitive card information of its customers. According to the company, there was no breach or compromise in its system at that time.
How big a threat to customers
If CVV and card details are hacked then it means that hackers may try to conduct online transactions. Although the bank has blocked some unauthorized attempts, customers still need to remain cautious.
In such cases, banks usually block the affected card and issue a new card. Also, customers are advised to immediately lodge a complaint on suspicious transactions.
Comments are closed.