PNB Server Vulnerability Exposed Customers’ Personal and Financial Data for About 7 Months: CyberX9


A vulnerability in the Punjab National Bank’s server would have exposed the personal and financial details of its roughly 180 million customers for about seven months, cybersecurity firm CyberX9 said.

The cybersecurity consulting firm claimed that the vulnerability gave access to the bank’s entire digital banking system with administrative control. Meanwhile, PNB confirmed the snag but denied any exposure of crucial data due to the vulnerability.

“Customer data/applications are not affected because of this” and “the server has been shut down as a precautionary measure,” PNB said.

Read also : National Bank of Punjab cuts RLLR to 6.55%

“Punjab National Bank has continued to seriously compromise the security of funds, personal and financial information of more than 180 million (all) of its customers over the last approximately 7 months. PNB has only woken up and corrected the vulnerability only when CyberX9 discovered the vulnerability and notified PNB via CERT-In and NCIIPC,” Himanshu Pathak, founder of CyberX9 and MD, told PTI.

He said that the CyberX9 research team discovered a very critical security issue in PNB, which resulted in administrator access to internal servers, thus exposing a considerable number of nationwide banking systems open to cyberattacks during the past few years. about seven months.

Pathak said the vulnerability was found in an exchange server that is interconnected with other exchanges and shares all access, including access to all email addresses, which gives access to all addresses E-mail.

“The vulnerability we discovered led to the highest level of administrator privileges on PNB’s exchange servers. If you access the domain controller through an exchange server, the doors open very easily to make any computer accessible on the network.

Read also : PNB Housing ends Rs 4,000 cr fundraising deal with Carlyle-led group

“These computers even include those used in their branch offices and other departments,” Pathak said.

When contacted, PNB said the server where the vulnerability was found did not contain any sensitive or critical data.

“The server on which the vulnerability was reported was used as one of multiple Exchange hybrid servers used to route emails from On-prim to Office 365 Cloud. There is no sensitive/critical data on this server,” PNB said.
PNB denied CyberX9’s claim about the vulnerability’s impact on customer data.

Read also : RBI fines Bank of India and PNB Rs 6 cr for breach of standards

“The server is in a separate VLAN segment and customers’ data/applications are not affected because of this. Vulnerability assessments and penetration tests are performed periodically by external information security auditors and observations are respected.

Now this server has been shut down as a precaution,” PNB said. According to CyberX9, the vulnerability was mitigated on November 19 and it reported the incident to Indian cybersecurity watchdog Cert-In and the National Critical Information Infrastructure Protection Center (NCIPPC). ).

(With entries from PTI.)


Comments are closed.