In a major cyber-attack on a Pakistani bank, hackers siphoned off at least Rs2.6 million through October 27 from debit cards issued by Bank Islami.
The bank says it noticed abnormal transactions in one of its international payment card schemes on Saturday morning and had to log off immediately. This means the bank cut off from that scheme.
Bank Islami says it has credited an equal amount (Rs2.6 million) to the accounts of customers who were affected due to data breach.
The cyber-attack was coordinated and the payment network of Bank Islami and the international payment scheme was compromised. Hackers made these transactions on international ATMs using cards issued by the bank.
The bank has started consultations with information security experts to assess the exact impact and the scale of losses. The international payment scheme has made a claim of transactions worth $6 million, but the bank didn’t acknowledge it and was still assessing it with the help of information security experts.
The bank says it has restored all ATM transactions locally, which means customers within Pakistan can use their cards for groceries and shopping. However, it will restore international transactions once it is confident that the risk of unauthorised access has been mitigated, it says.
In the wake of this incident, the State Bank instructed all commercial banks to ensure security of all payment cards in the country and monitor the use of their cards, especially in case of international transactions on real time basis.
This is not the first time a Pakistani bank has been attacked. Previously, HBL was also affected in a cyber-attack. Industry sources say cyber-attacks are taking place on a daily basis and there is no system in place for sharing of such information or dealing with sophisticated attacks.
Media reports suggest that 2015 and 2016 were the busiest years in terms of cyber-attacks on banks. Given that hackers have developed advanced techniques to breach existing security protocols, these attacks are set to rise globally.