ICICI Bank, a leading private bank in India, recently acknowledged a data breach impacting nearly 17,000 newly issued credit cards. The bank emphasized it was a technical glitch, not a traditional data leak involving external actors.
The issue stemmed from an error within the bank's mobile banking application, iMobile Pay. This error resulted in these new credit cards being mistakenly linked to incorrect user accounts. According to reports on a financial forum, some customers using the app encountered full credit card details belonging to unknown individuals. This information included critical details like complete card numbers, expiration dates, and even CVVs, which are three-digit security codes required for authorization.
The exposed data's severity allowed users to not only view these details but potentially adjust settings for the unintended cards. This included enabling international transactions or modifying spending limits. Fortunately, ICICI Bank reacted swiftly to the situation. The bank blocked all 17,000 affected cards and initiated the process of issuing replacements to impacted customers.
While the bank assured no misuse of the data had been reported so far, the incident has raised concerns about ICICI Bank's data security protocols. The bank has assured customers that they will be compensated for any financial losses arising from this mistake.
This glitch comes at a time when online banking security is under increased scrutiny in India. Data breaches involving financial institutions can have severe consequences, potentially leading to identity theft and fraudulent financial transactions. This incident highlights the importance of robust digital security measures for banks and the need for customer vigilance.