India's biggest ATM hack: will you lose your money? Here's what to do

Catch Team | Updated on: 21 October 2016, 11:37 IST
ATM debit card hack: what you should do
ATM debit card hack: what you should do

If you used an ATM machine in the past one month anywhere in the country, chances are that the details of your debit card were compromised, and you may lose the whole amount lying in your bank account.

As many as 32 lakh debit cards belonging to banks like SBI, Axis Bank, HDFC and Yes Bank are believed to have been hacked into through a malware that infested into the payment systems of Hitachi Payment Services, which operates the ATMs of Yes Bank across the country.

Though Yes Bank, in response to queries from Catch, denied any problems at its ATMs, saying: "Yes Bank has proactively undertaken a comprehensive review of its ATMs, and there is no evidence of a breach or compromise on Yes Bank ATMs.

"Yes Bank continues to work with relevant stakeholders, including other public sector and private banks, and NPCI (National Payments Corporation of India), to ensure utmost safety and security of its ATM network and payment services, which are completely safe to use."

An Axis Bank spokesperson also said: "The breach has occurred in the case of customers who have used certain non-Axis Bank ATMs. Over the last few weeks, Axis Bank has proactively reached out to the affected customers and advised them to change their Debit Card PINs. The Axis Bank ATM network is fully secured and customers should ideally use Axis Bank ATMs to change their debit card PINs."

A similar response was given by a Mastercard spokesperson quoted by Huffington Post: "We are aware of the data compromise event. To be clear, Mastercard's own systems have not been breached."

What can you do now?

In case you have already lost the money, most banks would not be willing to pay you the refund, as they may claim that the data breach did not happen in their own ATMs.

Though these are the initial claims of the banks and network providers, a detailed probe by the law enforcing authorities will be able to fix liabilities in a better way.

The Payments Council of India has already begun a forensic audit to figure out the responsible party whose systems were hacked, leading to this financial fraud.

However, in the meantime, as a consumer, here are the things that you must do immediately after reading this story:

1. Change your PIN: Customers of all banks except Yes Bank can immediately go to their own bank's ATMs and change their PINs. In the near future, there are chances that those ATM cards at the risk of having lost data will be replaced by their respective banks.

2. Give a call to your bank's customer care department: Ask the bank about each and every transaction that took place over the past two months. If there is any suspected transaction that you never undertook, report it to the bank and ask for clarity.

3. Use your own bank's ATMs only: Since the initial claims state that the Yes Bank ATMs operated by Hitachi have been breached, it is important that you use only your own bank's ATMs for any transactions.