In a massive data breach incident, the data of more than 12,000 State Bank of India (SBI) employees was leaked on Telegram channels. The leaked data included the employees’ personal information, such as their SBI passbooks, names, addresses, contact numbers, and PAN numbers.
The data breach was unearthed after a Telegram channel with the handle @sbi_data posted a file containing the personal information of over 12,000 State Bank of India (SBI) employees on Friday, July 8. The file included the employees’ names, addresses, contact numbers, PAN numbers, account numbers, and photo IDs, reported India Today.
The channel’s bio read “Spread Chaos Comrades!” and the file was titled “SBI Employee Data Dump.” The channel had only 608 subscribers at the time of the leak, but the file was quickly shared on other Telegram channels and on social media.
The threat actor who leaked the data of over 12,000 SBI employees has also claimed to have access to the financial details of millions of consumers, and to have dumped the compromised data on publicly accessible leak forums.
They have also posted screenshots of SBI account balances and recent transactions on a publicly accessible leak forum. The screenshots show that the threat actor has access to a wide range of financial information, including account numbers, PINs, and transaction history. The leaked data were also put up for sale on dark web platforms.
“Threat actors attack an infrastructure either by exploiting any active/passive vulnerabilities or using RaaS – Ransomware as a service, to attack any active infra,” cybersecurity expert Saumay Srivastava, who unearthed the massive SBI leak through his consistent dark web monitoring efforts, told India Today.
He also mentioned that “the banking sector is actively under target and this results in leaking sensitive data of clients and employees causing massive damage to bank’s privacy and reputation. In previous breaches of some prominent banks, it is seen that many times data is unknowingly exposed on indexable platforms and hence easily accessed by threat actors.”
While underscoring the potential threats of the leaked information, he highlighted that “by using this leaked information, the threat actors get access to bank accounts, conduct transactions, and use credit cards fraudulently, due to misconfiguration and weak policies these files are easily accessible through some advanced search operators or dorks.”
“One of the most common risks to banks involved leaving data unencrypted, which allowed threat actors or hackers to immediately manipulate the data and cause primary issues for the organizations. Any data that is managed on computers in banks or on the web should be fully encrypted,” he suggested.
This would thwart attackers, whose attempts may not succeed even if the data is stolen. “Important information such as a bank account number, client name, and address must be masked if necessary for testing. In terms of the latest exploits and vulnerabilities, banks should actively look for threat intelligence reports of the banking sector to understand major TTPs (Tactics, techniques and procedures) of the latest threats/vulnerabilities and mitigate accordingly predicting upcoming threats to their infrastructure,” he added.
Data leaks and breaches have significantly increased in India in recent years. According to a report by the CyberPeace Foundation, there were over 1,250 data breaches in India in 2022, up from 550 in 2021.
Telegram, as a popular messaging platform, has become a den for both illicit and legitimate communication activities in recent years.
In recent years, there have been a number of high-profile cases involving the use of Telegram by criminals. In January 2019, TechCrunch reported that SBI had exposed the financial information of its customers through an unprotected server. The exposed data included partial account numbers, balances, transaction details, and other sensitive information.