The banking system in Pakistan took a nasty hit this week when an analysis made by Pakistan Computer Emergency Response Team aka Pak CERT revealed that data of more than 19,961 cards belonging to the customers of over 22 major banks in Pakistan were put on for sale on the dark web.
According to the sources reporting to Cybersecurity Insiders, the story started in mid-October this year when some of the customers of Bank Islami complained to the bank officials that some cyber crooks on an international level were conducting financial transactions on their behalf.
They showed the bank officials the text messages which they received on Oct 26th,2018; alerting them about the money withdrawal from the bank accounts done via their debit cards-which they didn’t do in real.
After receiving tens of thousands of complaints, Bank Islami launched a probe on the incident and found that over $3 million worth transactions were made by international fraudsters using the bank card details of their respective customers.
Immediately, the bank decided to block the international payments from their country on October 27th,2018.
The probe revealed that the data dump on the dark web was a result of a cyber attack in which the payment network of Bank Islami and the international payment scheme was compromised.
As the said data breach was reported to be one of the biggest in the history of Pakistan, the Central Bank of Pakistan instructed all commercial banks to stay alert on the card payments done by their respective customers.
PakCERT investigated the cyber attack on a wholesome note and found that hackers have dumped data of more than 20K debit cards on the internet. At first, the data dump was posted on the dark web on Oct 26th with over 9K debit cards and then on 31st October, a second dump containing info of more than 12K cards was posted on the dark web.
A detailed investigation of PakCERT revealed that hacked card data was available in two formats on the dark web.
Firstly, in text format where info such as full name, address, phone number, card number, expiry was available to be accessed from the dark web. Cybercrooks might have accessed this data by hacking the database.
Secondly, the other data was available in the physical form where hackers could have scanned the details using skimmers from compromised ATMs or merchant machines.
The highlight of the probe is that Bank Islami was not the only victim of the cyber attack. Customer data belonging to more than 21 other banks were also up for sale on the dark web since then.
Sources report that 8K cards belonging to HBL bank customers were up for sale on the dark web. Followed by UBL, Standard Chartered, MCB and Meezan Bank with more than 3K card details compromised. Card data of more than 500 debit card customers from Bank Islami, Bank of Punjab, and Bank Alfalah was also found on the dark web.
NOTE-Sale price of card data usually ranges from $100 to $160 for every 1000 customers.