Bank Islami becomes a victim of $6.5 million cyber-attack

Avatar Written by Abdul Wahab · 1 min read>

Once again Pakistan has become a victim of Cyberattack on the country’s banking system. BankIslami debit cardholders now need to be extra careful while doing the financial transactions. Just recently BankIslami customers have witnessed the biggest Cyber Attack in Pakistan. This isn’t something coincidental, many Pakistan has flaws and loophole in their cyber-security portals.

The cyber breach took place on October 27 when BankIslami customers received notifications that their payment cards were being used by someone else in foreign countries. Reportedly, customers lost $6 Million in this biggest security breach in Pakistan.

The State Bank of Pakistan was quick to respond to this and temporarily “restricted use of its cards for “overseas transactions (only),”. However, the cardholders will be able to conduct transactions within Pakistan. This is the third major cybersecurity breach in Pakistan and the second largest when it comes to Pakistan Banking system. Previously Careem and Habib Bank Limited were prone to security attacks.

The officials who are involved in disaster management and damage control measured the cybersecurity attack and estimated the financial loss. As per details, in a notification to the Pakistan Stock Exchange (PSX), BankIslami stated that it detected certain abnormal transactions valuing Rs2.6 million on one of its international payment card schemes on the morning of October 27, 2018.

Sources on terms of anonymity told Profit, “The transactions mainly originated from Brazil and the US, meanwhile, the bulk of the transactions can be traced back to Point of Sale (POS) at Target Stores.”

BankIslami said that all domestic ATM cash withdrawal transactions using bank biometric services have been restored. “However, as a precautionary measure, all transactions routing through the international payment scheme have been stopped and will be restored once the bank is confident that all risks of unauthorized international transactions have been mitigated,” said a press release of Bank Islami issued on Monday.

State bank of Pakistan has issued these directives to all banks and have asked them to report in case of any abnormal activities. The directives are issued in order to ensure:

  • Cybersecurity measure on all IT system must be updated including those that are related to card operations in order to meet any challenges in the future
  • Resources should be deployed to make sure the real-time monitoring of card operations 24/7 must take place
  • Immediately coordinate with all the payment schemes switch operators and media service providers the banks are integrated with to identify any malicious activity of suspicious transactions.

The story has been updated