Hitachi Payment confirms 2016 malware attack originated from its systems

Hitachi Payment Services Pvt Ltd on Friday confirmed that malware from its system caused the biggest breach of financial data last year, which compromised 32 lakh debit cards.

Hitachi was able to determine the cause of the breach after an audit conducted by payment security specialist firm SISA Information Security, the company said in a statement.

The malware being sophisticated in its design, went undetected during the compromise period. As a result, Hitachi has been unable to determine the amount of data extracted during the breach as the malware was securely deleted.

"We have further enhanced our infrastructure and will continue to undertake all mandatory and regulatory security measures as needed. We feel, together through a collaborative association with all our stakeholders (banks and regulators), we will be able to provide a safer system for financial transaction processing," Loney Antony, managing director of Hitachi Payment Services said in the press note.

Hitachi provides various services including banking automation products, ATM services, point of sale services (POS) and emerging payments services.

The cyberattack, which occurred in October last year, affected several financial institutions, including State Bank of India (SBI), ICICI Bank, HDFC Bank, YES Bank, Axis Bank, as well as the Bombay Stock Exchange (BSE). In response, as many as 26 lakh cards on the Visa and Mastercard platforms, and six lakh cards on the RuPay platform were reportedly replaced.