Millions of records containing sensitive information, including financial data and client personal documents, were disclosed by ICICI Bank.
During the most recent inquiry, the Cybernews research team learned that the bank’s systems were misconfigured, which allowed the bank to release important information.
With over 5,000 branches across India and a presence in at least another 15 countries globally, ICICI Bank is a multinational Indian bank with a market value of more than $76 billion.
Notably, the Indian government designated the ICICI Bank’s resources as “critical information infrastructure” in 2022, meaning any damage could affect national security.
Although the infrastructure of the national bank was in a critical state, the protection of sensitive data was not guaranteed.
Bank and Client Critical Information Disclosed
The Cybernews research team uncovered misconfigured and publicly accessible cloud storage at Digital Ocean bucket – with over 3.6 million ICICI Bank files on February 1. The bank’s and its clients’ private information was revealed in files.
“Among the leaked data were bank account details, bank statements, credit card numbers, full names, dates of birth, home addresses, phone numbers, emails, personal identification documents, and employees’ and candidates’ CVs,” reports Cybernews.
Since financial services are the primary target for cybercriminals, the organization may have faced disastrous consequences and endangered its clients if bad actors had gained access to the disclosed data.
Additionally, files that included the clients’ passports, IDs, and Indian PANs (Indian taxpayer identity numbers) were kept in the bucket. Know-your-customer (KYC) forms and bank statements were also compromised.
The leak also harmed the bank’s employees, as CVs of existing employees and job candidates were found in the storage.
ICICI Bank’s Digital Ocean bucket’s access was wholly blocked on March 30. The report guarantees the problem was resolved once the leak was reported to the bank and the Indian Computer Emergency Response Team (CERT-IN).
Estimated Severity of ICICI Leak
“The impact of the discovered ICICI leak is estimated to be severe, as the volume of personal data leakage is significant,” Cybernews researchers wrote.
“Such sensitive information could undermine ICICI Bank’s reputation and may uncover details of the bank’s internal processes as well as jeopardize the safety and security of its clients, employees, and their data.”
Researchers claim threat actors could exploit exposed data to commit fraud and identity theft. The personal information and credentials acquired by fraudsters could be used to open accounts illegally in the names of individuals.
Employees, companies, and people whose data was exposed may be vulnerable to spear phishing attacks. Because criminals frequently target credit card information, bank account numbers, and logins to online banking platforms, the banking industry is particularly susceptible to phishing assaults.
Hence, always secure your cloud storage buckets, researchers warn. ICICI Bank can reduce the risk and potential harm by informing its clients of the data loss.
In addition, numerous users tweeted that they received password reset request emails from ICICI.
People who were impacted should change their login credentials and create strong passwords because the massive amount of personally identifiable information (PII) exposed made weak passwords easy for attackers to guess.
Customers should receive instructions from ICICI Bank on spotting and avoiding fake emails, websites, and phone calls and be urged to report any suspicious activity to the bank immediately.
Building Your Malware Defense Strategy – Download Free E-Book
Related Read: