ICICI Bank, one of India’s major private banks, recently experienced a significant data breach due to a technical glitch in its mobile banking application, ‘iMobile.’ This error led to the exposure of sensitive data belonging to thousands of new credit card holders. The breach allowed unintended recipients to view credit card numbers, expiry dates, and card verification values (CVV), compromising the financial security of numerous customers.
Upon discovering the issue, which was initially brought to light by customer reports on social media, ICICI Bank took swift action to mitigate any potential damage. The bank blocked 17,000 credit cards that were affected by the glitch to prevent fraudulent activities. In addition to this, the bank announced that it would be reissuing new cards to all impacted customers and assured them that compensation would be provided in the event of any financial loss due to the incident.
ICICI Bank has stated that the glitch affected only about 0.1% of its entire credit card portfolio, which suggests the scale of its customer base and the extent of potential vulnerability. Despite the relatively small percentage, the exposure raises significant concerns about the security measures in place to safeguard sensitive customer information. The bank has a vast network, with 6,000 branches and 17,000 ATMs across India, and a presence in 17 countries, amplifying the impact of any such security lapses.
This incident is not the first time ICICI Bank has faced data security challenges. In April 2023, researchers at Cybernews reported that the bank had leaked millions of records containing sensitive financial information and personal documents of its clients. These recurring issues highlight the ongoing challenges that the bank faces in terms of securing client data and maintaining trust in its digital platforms.
