Data Of 6 Lakh HDFC Customers Leaked On Dark Web? Here’s What Bank Says on Data Breach

The breached data allegedly includes full names, email addresses, physical addresses, and sensitive financial data, the report mentioned.

HDFC Customers Data Breach: After several reports surfaced that the personal information of nearly 6 lakh customers of HDFC Bank was allegedly leaked on the Dark Web, the bank on Tuesday issued a statement and said there has been no data leak of its customers. According to Privacy Affairs website, the HDFC Bank customers’ samples were posted on the hacker forum and “the posted data appears to be genuine”.

Taking to Twitter, HDFC Bank said, “There is no data leak at HDFC Bank and our systems have not been breached or accessed in any unauthorised manner”.

“We remain confident of our systems. However we treat the matter of our customers data security with utmost seriousness and we continue to,” said the bank.

The breached data allegedly includes full names, email addresses, physical addresses, and sensitive financial data, the report mentioned. Cyber-criminals allegedly posted the data for sale on a popular hacker forum. The criminals provided data samples while demanding money for the full database.

“The criminals explained that the hack was allegedly obtained just recently, in early March 2023, and contains data from May 2022 to March 2023,” said the report.

On Monday, several Twitter users posted about facing outages, failed transfers and even scam messages on the official HDFC Bank mobile app. There has been a surge in spam bank text messages in the recent past.

Here’s How To Avoid Phishing Attacks?

Never forget to log in to any site by typing the correct URL in the address bar.

It is better to share user id and password only on the authenticated login page.

However, before sharing user id and password, you must ensure that the URL of the login page starts with ‘https://’ and not ‘https:// ‘.The ‘s’ denotes ‘secured’ indicating that the Web page uses encryption.

Always look for the lock symbol at the right bottom of the browser along with the Verisign certificate.

Try to provide personal information including your details over the phone or internet only if you have initiated a call or session and the counterpart has been fully authenticated by you.

Better to check your bank, credit and debit card statements to make sure that all transactions are legit.

