The government on Friday said an independent investigation is under process by a forensic auditor for one of the biggest ever breaches in financial data in the country, affecting data pertaining to more than 32 lakh debit cards.
“The RBI has informed that an incident of data breach with respect to cards was reported and the matter is under investigation. Independent investigation by a forensic auditor approved under Payment Card Industry Data Security Standard (PCI-DSS) framework is under process,” Minister of State for Finance Santosh Kumar Gangwar said in a written reply in Lok Sabha.
The RBI, he added, has been carrying out IT Examination of banks since last year. It also has set up a Cyber Crisis Management Group to address any major incidents.
“RBI has also set up an IT Subsidiary, which would focus on, among other things, cybersecurity within RBI as well as in regulated entities,” he said. The Department of Banking Supervision also conducts testing of cybersecurity preparedness among banks with the help of CERT-In, the cybersecurity arm of the government under the Electronics and IT Ministry.
