By Raja Kamran, M Yasir and Raza Rizvi
A Pakistani bank has reportedly come under what seems to be one of the biggest cyber attacks in the country’s history. As per our sources, a group of hackers (or more) have breached the data center of Bank Islami and stolen the data of thousands of customers.
The alleged security breach first came to light on October 27 when customers of the bank received automated messages about their payment cards being used in different countries. The bank denied that any data theft took place.
When ProPakistani contacted BankIslami’s executive Fahad Tariq, once news of the data security breach broke, he initially dismissed the claims and denied that any breach happened at the bank’s data center. He refused to give any official version regarding this security breach.
However, late on Sunday night, an alert for all banks was issued by the State Bank of Pakistan.
A Bank Islami account holder, speaking under the condition of anonymity, has confirmed that he received a message notifying him of his card usage at an ATM in Russia.
“A message notified me that somebody used my card somewhere in Russia, I immediately approached the bank’s helpline but the official simply did not believe my words and blamed me for the leak of particulars saying that I might have shared my bank account details with a friend or relative,” the affected customer told ProPakistani, adding that during the call he received three more messages of card usage at different locations of Russia.
I was surprised and shocked to my core. The bank’s response was very disappointing. All my money was gone, I am left empty-handed.
The account holder further revealed that a few hours after the incident, he received a message from the bank stating that all services of Bank Islami have been temporarily shut down and customers will be informed when the services will be resumed.
A senior banker dealing with cybersecurity confirmed the news while speaking with ProPakistani.
“That is true to the best of my knowledge – an unidentified group of hackers had broken into the data center of the said bank and stole the valuable data of the customers. This was unknown until the bank started receiving complaints from their customers regarding the theft.” He also stated that an estimated amount of about $6 million may have been withdrawn so far.
The hackers may have used the dark web to sell the data of Bank Islami account holders for $60-70 per account.
This money has been withdrawn at different locations in USA, Russia and other countries, he added.
“This is the biggest cyber attack in the banking history in Pakistan. Ever since cyber attacks started in the country, prominent banks have improved their data security and it is hard for hackers to breach in. However, several small banks have still flawed security systems and are an easy target for scammers and hackers,” said the banker.
He also confirmed that Bank Islami’s system was down for about 12 hours in a bid to stop these transactions.
As a result, the bank has temporarily restricted usage of its cards for overseas transactions. The affected bank has also been instructed to issue advisory on precautionary measures to be taken by customers.
The central bank has instructed the bank to take all necessary measures to trace the vulnerability and fix it immediately.
Banks are advised to immediately report to SBP in case of any unusual incidents. SBP will continue to assess these developments in coordination with banks and take further measures, if required.
The following directives have been issued to all banks in Pakistan to ensure that:
- Security measures on all IT systems, including those related to card operations, are continuously updated to meet any challenges in the future.
- Resources are deployed to ensure the 24/7 real-time monitoring of card operation related systems and transactions.
- Immediately coordinate with all the payment schemes, switch operators and media service providers the banks are integrated with to identify any malicious activity of suspicious transactions.
BankIslami also released its statement later on regarding the breach in data security at the bank:
On the morning of October 27, 2018, certain abnormal transactions were detected by BankIslami on our International Payment Scheme for Debit Cards.
Alhamdulillah, BankIslami team immediately took precautionary steps which included shutting its International Payment Scheme. All funds withdrawn from the accounts (i.e. Rs. 2.6 Million) of our valued customers have been reversed.
As a precautionary measure, all transactions routing through international payment scheme (Local and International POS, ATM and eCommerce) have been stopped.
However, we restored our Biometric ATM cash withdrawal service for our customers, the very same day.
Our technical teams are working in close coordination to restore other services.
BankIslami’s detailed response can be viewed here.