Money & Banking

No breach of systems and pilferage of any personal data: PNB

Our Bureau | | Updated on: Nov 22, 2021
image caption

All the critical systems dealing with banking transactions are secure with multiple layers of protection, it further added.

Following several reports of vulnerability found in Punjab National Bank’s internal server, exposing personal and financial information of customers, the bank on Monday denied any breach of system and possibility of data exposure. The bank has deployed data leak prevention solutions that stops any unauthorized data to be sent through emails, it said.

“We have thoroughly checked our ICT systems those on Internet facing and operating in the background at PNB. There has been no breach of systems and pilferage of any personal data of any of our customers and account holders of PNB,” the bank said in a statement.

Read also - PNB server vulnerability may have exposed data of over 180 m customers: CyberX9

It added, “It is an established fact that hackers regularly attempt to penetrate every and all Internet facing systems anywhere in the world. PNB has implemented stringent security controls in all our ICT systems. The reported attempt of perpetrator was monitored and checked. All our critical ICT systems dealing with banking transactions are kept in secure zone, called DM zone with multiple layers of protection.”

CyberX9 report

The alleged vulnerability came into light, when cyber security firm CyberX9 published a blog post saying that apart from its 180 million customers, the glitch leaves access to confidential internal emails and logins of all strata of employees across branches and systems, including the CMD exposed by letting the hackers get the highest level of admin privilege in the affected server. It claimed that the vulnerability existed for at least seven months.

To this, PNB said that it had deployed a leak prevention solution controlling unauthorised data being sent over emails. Earlier, in a statement to PTI, the bank had said that the glitch was found and fixed; and no data was compromised.

“The said zone does not permit unauthorised access to any one, including internal staff. The ICT systems are monitored round the clock by competent staff at security operation centre. The data at rest and transit are encrypted using proprietary algorithms,” it said in its latest statement.

The bank is certified with International ISO 27001 best information security practices, validated minimum every year and as and when significant upgradation to the ICT systems is undertaken. These standards and best practices are also adopted in India.

“Our customers are very valuable to us. We assure our all customers that PNB, your bank, will strive hard to keep your personal data highly confidential meeting to best possible standards. Towards this, PNB will always be at the forefront to implement best available resources to implement the best security controls to secure the Information of our all customers,” PNB said.

Published on November 22, 2021

Follow us on Telegram, Facebook, Twitter, Instagram, YouTube and Linkedin. You can also download our Android App or IOS App.

This article is closed for comments.
Please Email the Editor

You May Also Like

Recommended for you