Skip to content

Ransomware attack on C-Edge hits 300+ small Indian banks

  • by
  • 3 min read

C-Edge Technologies Ltd., a key technology service provider for cooperative and regional rural banks (RRBs), has been affected by a ransomware attack that has affected more than 300 banks.

The issue was first reported to authorities on July 29 and has caused disruptions in the Unified Payment Interface (UPI) operations and the Aadhaar-enabled payment system (AePS), crucial components of the digital banking infrastructure in rural areas, reports The Hindu.

The National Payments Corporation of India (NPCI) has isolated C-Edge from accessing the payment system. The agency is also conducting an audit to gauge the attack’s extent and prevent it from spreading to other technology providers and banks.

“Customers of banks serviced by C-Edge will not be able to access payment systems during the period of isolation,” NPCI told Reuters.

The impact is widespread, affecting approximately 300 cooperative banks and RRBs across India that rely on C-Edge Technologies Ltd. However, not all regional rural banks are experiencing the disruption. Some RRBs, depending on their sponsor banks, use different technology service providers and thus continue to operate normally.

As per NPCI, cash arrangements and other bank services not related to UPI were also not affected.

Illustration: JMiks | Shutterstock
The ransomware attack has affected about 300 cooperatives and RRBs in India. | Illustration: JMiks | Shutterstock

“All online transactions, such as RTGS and UPI payments, are affected. Money is deducted from the sender’s account but does not get credited to the receiver’s account,” said Dileep Sanghani, chairman of the National Cooperative Union of India.

The Reserve Bank of India has yet to release a statement. According to NPCI officials, this ransomware attack affected nearly 0.5% of the country’s total payment system volume, which is a huge amount.

Recently, in April 2024, a flaw in ICICI Bank’s iMobile Pay app allowed users to access sensitive details, including card number, expiry date and CVV.

India has been the target of threat actors for quite some time. In July, Russian hackers used a multi-stage attack sequence to target Indian political observers.

Reports also emerged in July that Smishing Triad, a Chinese cyber gang, threatened Indian users with India Post scams.

In the News: Data breach costs surge to $5 million per breach on average

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me

>