Pierluigi Paganini April 28, 2024

ICICI Bank, a major private bank in India, mistakenly exposed the sensitive data of thousands of new credit cards to unintended recipients.

ICICI Bank, one of the leading private banks in India, accidentally exposed data of thousands of new credit cards to customers who were not the intended recipients.

ICICI Bank Limited is an Indian multinational bank and financial services company headquartered in Mumbai. It offers a wide range of banking and financial services for corporate and retail customers.

The bank has a network of 6000 branches, and 17000 ATMs across India and has a presence in 17 countries.

The bank blocked 17,000 credit cards due to a technical bug in its mobile banking app, ‘iMobile.’ The glitch allowed users to card details of other customers. Exposed financial information includes credit card numbers, expiry dates, and card verification values (CVV).

The bank became aware of the glitch after some customers reported it on social media.

“As an immediate measure, we have blocked these cards and are issuing new ones to the customers.” the ICICI Bank spokesperson told the newspaper Times Of India. “We regret the inconvenience caused. No instance of misuse of a card from this set has been reported to us. However, we assure that the Bank will appropriately compensate a customer in case of any financial loss.”

The bank states that the incident impacted about 0.1% of the bank’s credit card portfolio.

ICICI Bank is issuing new credit cards to the impacted customers.

In April 2023, researchers at Cybernews reported that ICICI Bank leaked millions of records with sensitive data, including financial information and personal documents of the bank’s clients.

Pierluigi Paganini

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

(SecurityAffairs – hacking, data leak)