English
English
English
In late August, UpGuard’s team discovered approximately 273,000 PDF files on an Amazon-hosted storage server containing bank transfer records of Indian customers.
Millions of bank transaction records exposed
New Delhi: Sensitive data from 38 Indian banks and financial institutions is feared to have been leaked online. Cybersecurity company UpGuard has reported that a security breach in an Amazon S3 cloud server exposed millions of bank transaction records online. This leaked data included personal information such as account holder names, bank account numbers, transaction amounts, and contact information.
In late August, UpGuard's team discovered approximately 273,000 PDF files on an Amazon-hosted storage server containing bank transfer records of Indian customers. Most of these files were related to NACH (National Automated Clearing House). NACH is widely used for salary transfers, loan repayments, and regular payments such as electricity and water bills. This leak reveals a significant breach in banking data security.
Bank of Baroda declares Anil Ambani RCom loan account as fraud following SBI and BOI
According to UpGuard, data from at least 38 banks and financial institutions has been compromised. Aye Finance accounted for the largest number of documents, while the State Bank of India (SBI) also appeared in several files. This leak has become a cause for concern for many major financial institutions, including the country's largest bank.
Related institutions, including Aye Finance and the National Payments Corporation of India (NPCI), were informed of the incident. However, the data remained exposed on the internet until early September. CERT-In was later informed and the servers were secured. NPCI has clearly stated that its systems are secure and no data was leaked. However, Aye Finance and SBI have not issued any official statements on the matter. Neither institution has claimed responsibility for the data leak.
Clasified Scorpene submarines data leaked, Defence Minister Parrikar seeks report
This incident re-emphasizes the importance of data security and digital privacy in India. There is still no concrete answer as to when and how the security of customers' personal data will be ensured. Banking data leaks have increased the risk of misuse of users' personal information, raising serious concerns about digital security.
Relevant institutions must immediately investigate this matter, address vulnerabilities, and provide digital services to customers with confidence in security. Learning from this incident, there is a need to further strengthen data security in India.
