PNB Server Exposed Security Of Funds, Personal & Banking Information Of Over 180 Million Customers For 7 Months: CyberX9
NEW DELHI: A vulnerability in Punjab National Bank’s system exposed the personal and financial information of its approximately 180 million customers for about seven months, according to cyber security firm CyberX9.
According to the cyber security consulting firm, the weakness allowed administrative access to the bank’s complete digital banking system. Meanwhile, PNB confirmed the issue but denied any leakage of critical data due to the vulnerability.
“Customer data/applications are not affected,” according to PNB, and the “server has been shut down as a precautionary measure.”
According to Himanshu Pathak, CyberX9’s founder and MD, for the past 7 months Punjab National Bank has been significantly jeopardising the security of cash, personal and financial information of over 180 million (all) of its customers. PNB finally awoke and addressed the issue after CyberX9 detected it and reported it to PNB via CERT-In and NCIIPC.
He said that the CyberX9 research team identified a serious security flaw in PNB that was allowing admin access to internal servers, leaving a vast number of banks’ systems nationally vulnerable to cyber-attacks for the last seven months.
Pathak stated that the vulnerability was discovered in an Exchange server that is linked to other Exchange servers and shares full access, including access to all email addresses.
“The loophole uncovered a vulnerability that allowed us to gain the highest level of admin privilege in PNB’s Exchange servers. If you acquire access to the Domain Controller via an Exchange server, the doors to any computer on the network open extremely easily.
“These computers include those used in their branches and other departments,” Pathak explained.
When contacted, PNB stated that the server where the vulnerability was discovered contained no sensitive or vital data.
“The server wherein the vulnerability was reported was being used as one of the multiple Exchange Hybrid servers used to route emails from On-prem to Office 365 Cloud. There is no sensitive/critical data in this server,” PNB said.
PNB denied CyberX9’s claim about the impact of the vulnerability on customers’ data.
“Because the server is in a distinct VLAN segment, customer data/applications are unaffected. External CERT-In accredited Information Security Auditors do vulnerability assessments and penetration testing on a regular basis, and the findings are followed up on.
“As a precaution, this server has now been shut down,” PNB stated. According to CyberX9, the vulnerability was patched on November 19, and the incident was reported to the Indian cyber security authority CERT-In and the National Critical Information Infrastructure Protection Centre (NCIIPC).