Chairman of the country’s second biggest and second oldest cooperative bank with regards to financial format (advances and deposits), Mr. Milind. A. Kale, without delay, assured the 20 lakh account holders in 140 branches across India that their “monies are safe” and not to opt for panic withdrawals.
The Cosmos Bank admitted that cyber-attack occurred twice, first on Saturday and the second attack took place on Monday through multiple ATM withdrawals, resulting in an FIR being lodged at Chaturshringi Police Station by a senior official.
Banking expert Vishwas Utagi told IANS, “This has never been witnessed before, the way the bank’s servers at the payment gateway levels were hacked and the monies transferred around the world before they could be prevented. It is an attack on national security and all concerned authorities including the Reserve Bank of India (RBI) must take serious note of future risks.”
After the malware attack hacked the critical communication system between various payment gateways, the hacker gangs immediately started the withdrawals in 28 countries, said Kale.
Kale told IANS, “The actual number of cards compromised is around 450, but they made multiple withdrawals from each card and the final figure has built up to Rs 94.24 crore”.
He further added, “The bank has recovered the complete data of the number of transactions, each card hacked, the particular ATMs in 28 countries worldwide where they were used along with the timings to help the investigations, and the card numbers. In view of the sensitive nature, we cannot disclose the countries, the banks or ATMs locations which may jeopardize the probe.”
Providing further details, the Cosmos Bank in its police complaint reported that the first attack eventuated on 11th August (a bank holiday) between 3:00 p.m. and the second attack befell on 13th August around 11:30 a.m., disturbing the bank headquarters on Ganeshkhind Road.
Chairman Kale told the media, “We have appointed a professional forensic agency to investigate this malware attack. It will submit its report in the next few days regarding the modus operandi of this and the exact numbers and values of the transactions.”
Around 78 crores were withdrawn on Saturday via ATMs located in 28 countries through 12,000 Visa Card transaction. This amount was then transferred in bank accounts in Hong Kong and to the other parts of the world.
Another transaction of 2.50 crore from 2,849 Rupay Card transactions was transferred within India. The details are being investigated by the police.
The bank swiftly clamped a shutdown on its Rupay and Visa debit card payment systems as soon as these suspicious transactions were reported. The bank further suspended its entire ATM network for the next two days.
The outstanding to both Rupay and Visa- Rs. 2.50 crore and Rs. 78 crore-were defrayed on Monday. The global service provider Visa also notified the RBI.
While the bank was trying to grapple with the crisis, a new attack was mounted on August 13, that is on Monday when the SWIFT transactions were initiated and within a matter of few minutes, 13.92 crores were transferred to the accounts of “ALM Trading Ltd,” Hang Seng Bank, Hong Kong. These amounts too were withdrawn soon from that bank.