Karachi, October 30, 2018: Pakistan’s one of the leading shariah compliant bank-BankIslami Limited Monday confirmed cyber attack on its Debt Card Data base.
Hackers steal $6 million from BankIslami Pakistan accounts
The bank management has also confirmed TheBizUpdate’s earlier story that approximately $6 million fraud was withdrawn due to this cyber attack.
According to an information sent by BankIslami Pakistan management, on the morning of October 27, 2018 certain abnormal transactions valuing Rs.2.6 million were detected by the Bank on one of its international payment card scheme.
The Bank immediately took precautionary steps which, interalia, included shutting its international payment scheme.
All monies withdrawn from the accounts i.e. Rs.2.6 million have been credited in the respective accounts of valued customers.
Subsequently, after the Bank was cut off from the international payment scheme, the Bank was advised by international payment scheme that some transactions were made on international ATM’s allegedly using Bank’s issued cards. However, no details have so far been shared with the Bank as to how such transactions were processed and validated when such transactions never landed on Bank’s system.
BankIslami claimed that these transactions, of approximately USD 6 million as claimed by international payment scheme, are not acknowledged by the Bank as the Bank was actually logged off from the international payment scheme at that time.
The Bank is of the view that it was a co-ordinated cyber attack in which the payment network of the international payment scheme as well as that of the acquiring banks were possibly compromised.
“We have initiated consultations with information security
The bank said that Material Information: Cyber Attack on Debit Cards
In accordance with Section 96 of the Securities Act, 2015 and Clause 5.6.1(a) of PSX Regulations, we hereby convey the following information:
This is to inform that on the morning of October 27, 2018 certain abnormal transactions valuing Rs.2.6 million were detected by the Bank on one of its international payment card scheme. The Bank immediately took precautionary steps which, interalia, included shutting its international payment scheme.
All monies withdrawn from the accounts i.e. Rs.2.6 million have been credited in the respective accounts of valued customers.
Subsequently, after the Bank was cut off from the international payment scheme, the Bank was advised by international payment scheme that some transactions were made on international ATM’s allegedly using Bank’s issued cards.
However, no details have so far been shared with the Bank as to how such transactions were processed and validated when such transactions never landed on Bank’s system. These transactions, of approximately USD 6 million as claimed by international payment scheme, are not acknowledged by the Bank as the Bank was actually logged off from the international payment scheme at that time.
The Bank is of the view that it was a co-ordinated cyber attack in which the payment network of the international payment scheme as well as that of the acquiring banks were possibly compromised.
“We have initiated consultations with information security experts”, the bank informed.
The BankIslami has restored all domestic ATM cash withdrawal transactions using Bank’s Bio metric service on the same day.
However, as a precautionary measure, all transactions routing through international payment scheme will be shortly restored once the Bank is confident that all risks of unauthorized transactions have been mitigated.