Man held for ATM Break-in Bid
Mumbai: Nagpada police on Wednesday arrested a 30-year-old man for trying to cut open an ATM kiosk of a bank at Mumbai Central two days back. The accused and his associates then entered the bank, next to the ATM centre, cut its shutter using a gas welding machine and cutter, and fled with 10 laptops between 2am and 5am on October 28. Police, who registered a theft case, are interrogating the accused to find out details about his gang. The incident came to light in the morning when staff reported to work. It’s not clear if the bank had a security guard.
Skimmed at ATM’s & Shops? 1m Indian Card’s Data on Sale on Darknet
Bengaluru: Details of about 1.3 million (13 lakh) debit and credit cards have been put up for sale on a Darknet marketplace called Joker’s Stash. It is believed the data dump could have been obtained by skimming details from the magnetic stripe on the cards, while bank users were using ATMs and point-of-sale machines. Group-IB a Singapore based firm that specialises in detection and prevention of cyber-attacks—said of the 1.3 million cards, 98% are believed to be from India. The total cards in circulation in India, including both debit and credit, stood at 971.7 million as of September 2019. The fraudsters selling the data claim that they have both track-1 and track-2 data, which can be used for online transactions or for cloning cards. Researchers at Group-IB found card details being sold at $100 each, with the total value of the card database estimated at over $130 million. Ilya Sachkov, CEO and founder of Group-IB, said in a statement that they have alerted the authorities concerned. “The cards from this region are very rare in underground markets. In the past 12 months, it is the only big sale of card dumps related to Indian banks. Group-IB’s Threat Intelligence customers have already been notified about the sale of this database. The information was also shared with proper authorities,” he said. An official at industry body Data Security Council of India said, “Where India largely fails its customers is in not having data breach disclosure laws in place”. An official at industry body Data Security Council of India said, “In other countries in Europe and North America, banks and payment vendors are mandated by law to report to law enforcement, regulators and customers within 24 hours of a data breach.
Here, affected customers can sometimes be the last people to know about own bank accounts/ cards getting compromised”. Nitin Bhatnagar, head of industry body PCI-DSS (Payment Card Industry Data Security Standard), said, “We are yet to ascertain the veracity of information that is out there the number of banks affected, etc.” The regulators and banks are yet to confirm such a data breach. But if this breach has occurred, then it only reiterates that data security is not a one-time fix. While Group-IB has not shared the names or number of banks affected, it said more than 18% of compromised cards were issued by a single Indian bank. The diversity of banks involved suggests that the dump was not the result of one bank getting hacked but a wider security failure, said a report by ZDNet, which first reported the breach. In September 2016, Indian banks faced a similar massive data breach, when 3.2 million debit cards got compromised after fraudsters exploited a vulnerability at Hitachi Payment Systems. In that breach, a dozen banks — including Yes Bank, ICICI Bank, SBI and others saw their cards compromised and millions of cards were reissued. Two years ago, the RBI had mandated that banks move from magnetic stripe to EMV-based chip cards. But banks are yet to fully comply with the RBI’s requirement. The industry estimates that about 70% of cards in circulation today are EMV chip-based. Earlier this year in February, 2.15 million Americans’ cards were dumped on the site. Bank customers feel that banks should be mandated to inform customers in the event of such a data breach.
Climate Study Sounds Red Alert for Mumbai City
Mumbai: The latest estimates by US-based Climate Central suggesting a far greater impact on Mumbai due to sea level rise raises questions about the gaps in planning for such an eventuality. “Climate change is not being factored in when decisions are made,” said Debi Goenka of Conservation Action Trust. “Projects like the coastal road, Shivaji statue are at great risk, perhaps even the underground Metro, but we are not asking questions about which projects we should be building”. Although the study does not show that Mumbai will be totally submerged by 2050, as some media have mistakenly reported, Goenka notes that frequent flooding of the entire city will cause enormous damage. “What we see now in some parts and occasionally, we will see everywhere: sewer water backed up, infrastructure damaged,” he said. “For all practical purposes, the city will be unlivable,” he added. The study is a global one which limits the level of detail available for local areas.
However, an interactive map that comes with the new research helps bring out the kind of impact cities around the world might see under different climate change scenarios. These projections hold for a scenario in which only moderate cuts are made to carbon emissions. If carbon emissions do not fall, temperatures could rise more rapidly, and with them sea levels. However, under every scenario, Mumbai, along with Kolkata, would be among the most affected globally, according to the map. Some experts questioned the findings. Pushpendra Johari of RMSI, a global natural hazard consultancy, said the numbers seemed on the high side for India and Mumbai. Other studies, which take into account the limitations of the old land elevation datasets, do not show such high risk, he said. Others also noted that the study does not take into account regional factors. There are other limitations protective infrastructure is not taken into account in calculating exposure and impact, for instance, which the study acknowledges.