New Delhi: A vulnerability in the server of Punjab National Bank According to the cyber security firm, the personal and financial information of about 180 million of its customers were allegedly exposed for nearly seven months. CyberX9,
CyberX9 claims that the vulnerability gave access to the entire digital banking system GNP with administrative control.
Meanwhile, the bank has confirmed the breach, but denied any exposure to critical data due to the vulnerability.
“This does not affect the customer data/applications” and “the server has been shut down as a precautionary measure,” PNB said.
“Punjab National Bank has severely compromised the security of money, personal and financial information of over 180 million (all) of its customers for the past 7 months. PNB only woke up and fixed the vulnerability when CyberX9 made the vulnerability Discovered and notified to PNB through CERT-in and NCIIPC,” Founder & MD, CyberX9 Himanshu Pathak told PTI.
He said that the CyberX9 research team discovered a very important security issue in PNB, which was leading to admin access to internal servers, therefore, for the past almost seven months, a large number of banks across the country have been exposed to cyber attacks. The system was open.
Pathak said the vulnerability was found in an Exchange server that is linked to other exchanges and shares all access – including access to all email addresses resulting in access to all email addresses.
“The vulnerability we discovered was leading to the highest level of administrative privilege in PNB’s Exchange servers. If you access the domain controller through the Exchange server, the doors would be too large to be accessible to any computer in the network. are easily opened.
“These computers also include those being used in their branches and other departments,” Pathak said.
When contacted, PNB said that the server where the vulnerability was found did not contain any sensitive or critical data.
“The server in which the vulnerability was reported was being used as one of several Exchange hybrid servers used to route email from on-prime to the Office 365 cloud,” PNB said. This server does not contain any sensitive/critical data.”
PNB rejected CyberX9’s claim on the impact of the vulnerability on customer data.
“The server is in a separate VLAN segment and customer data/applications are not affected due to this. Vulnerability assessment and penetration testing is done from time to time by external Credentials Information Security Auditors and the observations are complied with.
Now this server has been shut down as a precaution.
According to CyberX9, the vulnerability was patched on November 19, and it reported the incident to Indian cyber security watchdog CERT-In and the National Critical Information Infrastructure Protection Center (NCIIPC).
CyberX9 claims that the vulnerability gave access to the entire digital banking system GNP with administrative control.
Meanwhile, the bank has confirmed the breach, but denied any exposure to critical data due to the vulnerability.
“This does not affect the customer data/applications” and “the server has been shut down as a precautionary measure,” PNB said.
“Punjab National Bank has severely compromised the security of money, personal and financial information of over 180 million (all) of its customers for the past 7 months. PNB only woke up and fixed the vulnerability when CyberX9 made the vulnerability Discovered and notified to PNB through CERT-in and NCIIPC,” Founder & MD, CyberX9 Himanshu Pathak told PTI.
He said that the CyberX9 research team discovered a very important security issue in PNB, which was leading to admin access to internal servers, therefore, for the past almost seven months, a large number of banks across the country have been exposed to cyber attacks. The system was open.
Pathak said the vulnerability was found in an Exchange server that is linked to other exchanges and shares all access – including access to all email addresses resulting in access to all email addresses.
“The vulnerability we discovered was leading to the highest level of administrative privilege in PNB’s Exchange servers. If you access the domain controller through the Exchange server, the doors would be too large to be accessible to any computer in the network. are easily opened.
“These computers also include those being used in their branches and other departments,” Pathak said.
When contacted, PNB said that the server where the vulnerability was found did not contain any sensitive or critical data.
“The server in which the vulnerability was reported was being used as one of several Exchange hybrid servers used to route email from on-prime to the Office 365 cloud,” PNB said. This server does not contain any sensitive/critical data.”
PNB rejected CyberX9’s claim on the impact of the vulnerability on customer data.
“The server is in a separate VLAN segment and customer data/applications are not affected due to this. Vulnerability assessment and penetration testing is done from time to time by external Credentials Information Security Auditors and the observations are complied with.
Now this server has been shut down as a precaution.
According to CyberX9, the vulnerability was patched on November 19, and it reported the incident to Indian cyber security watchdog CERT-In and the National Critical Information Infrastructure Protection Center (NCIIPC).
,