The Reserve Bank of India (RBI) has reportedly asked banks in the country to investigate a report that revealed the availability of debit and credit card data for sale on a dark website.
According to Reuters, the central bank issued a notice asking banks to conduct a preliminary analysis of the card details that were compromised and secure customers’ data.
RBI also instructed banks to notify the government’s CERT-In, an emergency response department, about the measures taken.
A notice from RBI stated: “On finding leaked data to be correct and genuine, disable and re-issue the credit and debit cards as per the bank’s policy.”
Last week, Singapore-based cybersecurity firm Group-IB identified that data of more than 1.3 million credit and debit cards was put up for online sale.
The company said that majority of the card information belongs to Indian banks, with 18% of the dumps related to a single bank in the country.
A single card in the database is said to be worth $100, valuing the entire set at more than $130m.
Group-IB was quoted by the news agency as saying: “We do not disclose the names of banks, but can tell that the database held the credit and debit card dumps related to the largest Indian banks.”
RBI data estimates approximately 51.7 million credit cards and 851.5 million debit cards being in circulation as of August.