New Delhi: A vulnerability in Punjab National Bank’s server would have exposed the personal and financial information of its some 180 million customers for about seven months, according to cybersecurity firm CyberX9. CyberX9 claimed that the vulnerability provided access to PNB’s entire digital banking system with administrative control.
Meanwhile, the bank confirmed the issue but denied any critical data exposure due to the vulnerability.
PNB said that “customer data / applications are not affected because of this” and that “the server has been shut down as a precaution”.
“The Punjab National Bank has continued to seriously compromise the security of funds, personal and financial information of over 180 million (all) of its customers for approximately the past 7 months. PNB has only woken up and corrected the vulnerability only when CyberX9 discovered the vulnerability and notified PNB via CERT -In and NCIIPC, “CyberX9 founder and CEO Himanshu Pathak told PTI.
He said the CyberX9 research team discovered a very critical security issue in PNB that resulted in administrator access to internal servers, exposing a large number of nationwide banking systems open to cyber attacks over the past seven years. last months or so.
Pathak said a vulnerability was found in an exchange server that is interconnected with other exchanges and shares all access, including access to all email addresses, resulting in access to all email addresses.
“The vulnerability we discovered led to the highest level of administrator privilege in the PNB exchange servers. If you access the domain controller through an exchange server, the doors open very easily to make n ‘any computer accessible on the network.
“These computers even include those that are used in their branch offices and other departments,” Pathak said.
When contacted, PNB stated that the server where the vulnerability was found did not contain any sensitive or critical data.
“The server where the vulnerability was reported was used as one of multiple hybrid Exchange servers used to route emails from On-prim to Office 365 Cloud. There is no sensitive / critical data on this server, ”PNB said.
PNB denied CyberX9’s claim about the vulnerability’s impact on customer data.
“The server is in a separate VLAN segment and client data / applications are not affected for this reason. Vulnerability assessments and penetration tests are performed periodically by external information security auditors recruited by Cert -in and the observations are respected.
Now that server has been shut down as a precaution, ”PNB said.
According to CyberX9, the vulnerability was mitigated on November 19 and the incident was reported to the Indian cybersecurity watchdog Cert-In and the National Critical Information Infrastructure Protection Center (NCIIPC).