The report further claimed that the leaked information were available online since past three months.
Trouble does not seem to stop for the country's third largest public lender. According to a report published by the Asia Times, a data breach has happened, that reportedly leaked sensitive credit and debit cards information of around 1,000 bank customers.
According to the Hong Kong based publisher, the leaked data includes names, expiry dates, personal identification numbers and even card verification values of around 10,000 bank account holders.
The leaked data had two sets of packages one with CVV numbers and the other without.
The report further claimed that the leaked information were available online since past three months.
The breach was found out by CloudSek Information Security, which is a Singapore based company that keeps a close eye on data transactions, even on sites that are unlisted on Google Search or any other major search engine.
“We have a crawler that is deployed in the dark/deep web. These are sites on the internet which are not indexed by Google or other major search engines. They are used to buy and sell sensitive data illegally,” Chief Technical Officer Rahul Sasi told the paper.
“Our crawler detects any such data and sends it to a Machine Learning software that we have created. If this detects anything that is suspicious, and of interest to our clients, we immediately take action,” Sasi added.
Sasi further said that the company has to pass the details through a government agency as they were unable to contact PNB after detecting the breach as it is not a customer at the bank.
The PNB’s Chief Information Security Officer TD Virwani has confirmed that it was working with the government to contain fallout from the release of the data, which was offered through a website.
Government officials who were aware of the breach told the newspaper that they have been trying to establish the extent of the problem. As of now, they have discovered sensitive information from as many as 10,000 credit cards issued by the bank.
The agency further made shocking claims that the data has been on sale for $4.90 per card (Roughly Rs 320).
"Usually these sites on the deep/dark web build up reputations on the authenticity of the data they sell illegally. This particular site has a very good reputation. They offer a sample size to buyers to establish their credentials before the sale is made. In this case they were offering to sell the data at US$4.90 per card," he reported.
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
 "Around 1,000 PNB customers' debit, credit cards details leaked online: Report")
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
)
){kind=small}
){kind=small}
)
)
)
)
)
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}