Share

India probes breach in ATM heist

Mumbai - The Indian government's cyber watchdog is investigating how the computer systems of two companies that are part of the country's vast IT services industry were breached in a global ATM heist that saw $45m stolen from two banks in the Middle East.

EnStage, which operates from Bangalore, and ElectraCard Services, based in the Indian city of Pune, processed card payments for the two banks that were hit in the theft, several people familiar with the situation said.

"We are investigating the technical aspect," Gulshan Rai, director general of the Indian Computer Emergency Response Team (CERT), part of the department of electronics and information technology, told Reuters by phone on Sunday.

"What kind of breach has happened in the system, how did it happen, what processes are in place, and the entire technical aspect we will look at," he said, adding that the agency had started its investigation on Saturday.

US prosecutors said on Thursday that hackers broke into two card processing companies, raising the balances and withdrawal limits on accounts that were then exploited in coordinated ATM withdrawals around the world.

The prosecutors did not name the two companies but said one was based in India and the other in the United States.

According to a US official and a bank employee, who both spoke on condition of anonymity, ElectraCard Services was the company that processed prepaid travel cards for National Bank of Ras Al Khaimah PSC (RAKBANK). RAKBANK suffered a $5m coordinated heist at ATMs around the world on December 21 last year, according to the indictment.

Ramesh Mengawade, the chief executive of ElectraCard Services and its parent company, Opus Software Solutions, could not be reached through his assistant or by email on Saturday.

ElectraCard is based in a plush office park near the airport on the outskirts of Pune, a fast-growing city in western India that is a hub for the IT and auto industries and is home to several universities. A security guard at the office park, where tenants include IBM, would not allow in a Reuters journalist without an appointment on Sunday.

Unlisted ElectraCard had a net loss of 90.2 million rupees ($1.65m) on net sales of 535.4 million rupees for the fiscal year that ended in March 2012, a sales decline of 1.6%, according to a report by ratings agency Crisil.

MasterCard bought a 12.5% stake in ElectraCard in 2010, ElectraCard has said. MasterCard, the network under which the cards used in the heist were issued, has said its security was not compromised.

EnStage, which is incorporated in Cupertino, California, but has operations based in Bangalore, is the company that processed card payments for Bank of Muscat of Oman, according to a source close to Bank of Muscat. Bank of Muscat lost $40m in a coordinated heist on February 19, according to Thursday's indictment.

"Our customers were adversely affected by this sophisticated crime," EnStage CEO Govind Setlur said in a statement in the Times of India newspaper.

Entire floor

A statement obtained by Reuters from a company spokesperson said: "Since the time the incident occurred, EnStage has retained independent security experts to analyse the intrusion and to recommend enhancements to its information security infrastructure. EnStage has implemented both these enhancements as well as additional monitoring capabilities."

Setlur was travelling and could not be reached for further comment on Sunday.

The company appears to occupy an entire floor in an office in central Bangalore. An employee who did not want to be identified said that about 250 people work in the office but did not give further details.

Bank of Muscat has not commented on the case.

Police in Pune and Bangalore did not immediately have information on the matter when reached on Sunday.

The breach in security at Indian operators is a blow to the country's multi-billion dollar information technology industry, which received about half of all outsourcing contracts in the world in 2011, according to industry data.

India-based IT vendors, who rely on the trust of global clients to handle sensitive data, are dominated by companies providing support services to the global financial industry.

Eddie Schwartz, chief information security officer for RSA, a firm that helps banks fight payment card fraud, said that it is not surprising that hackers would target banks that rely on Indian firms to process transactions.

Schwartz, who is based in Washington, said there is not as much government oversight in India as there is in the United States and Western Europe.

"Hackers view India as a target. It's got a fast-moving economy, a fast-moving IT infrastructure," Schwartz said.

Cyber security experts said the global scope and speed of the $45m bank theft was unprecedented. The global gang had operatives in 27 countries who fanned out to thousands of ATMs in a matter of hours, withdrawing money using fraudulent prepaid debit cards, according to US prosecutors.

The US Justice Department gave details of the heist on Thursday in an indictment against eight men accused of being the New York cell of the organisation. The department said seven of the men have been arrested.

The ringleaders of the global operation were believed to be outside the United States, but US prosecutors have declined to give details, citing the continuing investigation. Germany is the only other country so far to announce arrests.



We live in a world where facts and fiction get blurred
Who we choose to trust can have a profound impact on our lives. Join thousands of devoted South Africans who look to News24 to bring them news they can trust every day. As we celebrate 25 years, become a News24 subscriber as we strive to keep you informed, inspired and empowered.
Join News24 today
heading
description
username
Show Comments ()
Rand - Dollar
18.97
-0.2%
Rand - Pound
24.09
+0.1%
Rand - Euro
20.61
-0.1%
Rand - Aus dollar
12.37
+0.4%
Rand - Yen
0.13
+0.6%
Platinum
906.50
-1.8%
Palladium
1,010.52
+0.4%
Gold
2,155.30
-0.2%
Silver
24.97
-0.3%
Brent Crude
86.89
+1.8%
Top 40
66,018
-0.4%
All Share
72,192
-0.3%
Resource 10
53,225
-0.2%
Industrial 25
99,730
-0.7%
Financial 15
16,631
+0.1%
All JSE data delayed by at least 15 minutes Iress logo
Company Snapshot
Editorial feedback and complaints

Contact the public editor with feedback for our journalists, complaints, queries or suggestions about articles on News24.

LEARN MORE
Government tenders

Find public sector tender opportunities in South Africa here.

Government tenders
This portal provides access to information on all tenders made by all public sector organisations in all spheres of government.
Browse tenders