India’s second-largest government-backed bank – Punjab National Bank had exposed one of its servers for months, which contained sensitive details of all its customers.
This was reported by a cybersecurity firm, where they claimed access to the admin panel of the banking system’s network was exposed. After realizing this, PNB secured the leaking server and assured that no customer data was compromised. Yet, it shut it down as a precautionary measure.
PNB Exposing Customer Details
The Punjab National Bank in India is one of the largest banks by userbase and volumes, and also state-backed. Earlier today, a cybersecurity firm named CyberX9 reported that it found a vulnerability in one of the bank’s servers, leading to the admin privilege!
CyberX9’s MD and founder, Himanshu Pathak told that PNB was exposing their customers’ data, including security of funds, personal and financial information from one of its bugged servers for over seven months!
Researchers have found the vulnerability in an interconnected server, which led them to gain control over the bank’s Domain Controller, which in return lets them access all the banking information stored in other connected computers in the network.
CyberX9 said that sensitive information of more than 180 million (or all) customers belonging to PNB was exposed, for over seven months! As soon as CyberX9 reported this to CERT-In and NCIIPC, PNB realized to secure it.
After patching the exposed server on November 19th, PNB issued a statement explaining that “the exposed server was being used as one of the multiple Exchange Hybrid servers used to route emails from On-prim to Office 365 Cloud. There is no sensitive/critical data in this server.”
Further, it claimed that the exposed server is on a separate VLAN segment, and neither the customer data nor the banking applications were affected by this. Yet, PNB took the concerned server offline as a precautionary measure.