Banks in India reported 248 instances of data breaches by hackers in the past four years. The maximum number of data breaches were reported in Private Sector Banks, reaching 205. Forty-one cases of data breaches were reported by Public Sector Banks (PSB) and two by Foreign Banks. Card details and business and non-business details were breached. Due to the increasing number of attacks on banks, RBI has issued renewed guidelines to prevent data theft in the future.
The data breaches were registered between June 2018 to March 2022. In a report addressed to the Parliament, the Ministry of Home Affairs said that there have been nearly 674,021 cyber security breaches since June 2022. Minister of State in Home Affairs, Ajay Mishra, while responding to a question in the Lok Sabha said that over 3.94 lakh cyber security incidents took place in 2019, 1.15 lakh cases in 2020 and 1.40 lakh in 2021.
Data theft incidents have led to heavy losses borne by industries and enterprises. It cost nearly Rs. 17.6 crore in the fiscal year 2022, as per a report by IBM. The Reserve Bank of India (RBI) asked Scheduled Commercial Banks (SCB) to implement all necessary online safety measures to prevent data breaches.
Moreover, cybersecurity and IT controls, along with the IT risk governance framework, were asked to update the banks’ systems. “Banks have also been directed to strengthen IT risk governance framework which mandates active role by their Chief Information Security Officer besides an active involvement of the Board / IT committee of the Board in ensuring compliance with the required standards,” Union Minister of State for Finance Bhagwat Karad said in the parliament.
Karad further warned banks that violations in complying with the RBI’s guidelines would not be tolerated. Corrective measures would be taken against the management and board of the bank to hold the employees accountable for their violations. Concerned officials may also face a monetary penalty if found guilty.