Punjab National Bank has denied claims made in a cyber security firm’s report that the personal data of the bank’s millions of customers was breached due to a loophole in its system.
The report by the cyber security firm Cyberx9 was carried by several media outlets.
It said that the bank vulnerability PNB’s server exposed the data of its 180 million customers for about seven months.
In a four-point clarification note posted on Twitter, the bank said all the information systems attached to the bank’s server were checked and no data breach as mentioned in the report was found.
The bank didn’t categorically deny the attempt of hacking or vulnerability as mentioned in the Cuberx9 report.
Important Announcement, take note? pic.twitter.com/JLgmd0RkDs
— Punjab National Bank (@pnbindia) November 22, 2021
“We have checked our systems those on internet-facing and operating in the background. The reported attempt of the perpetrator was monitored and checked,” the bank said.
“There has been no breach of systems and pilferage of any data of any of our customers,” the banks said in a statement.
The bank further said that it has deployed data prevention solutions that prevent any unauthorised data to be set through emails.
The system doesn’t permit even the internal staff to access data, it said.
CyberX9 in its report said that the vulnerability was mitigated on November 19.
The cyber security firm also said that it reported the incident to the cyber security watchdog Cert-In and National Critical Information Infrastructure Protection Centre (NCIIPC).