Ransomware Attack Disrupts Payment Systems at 300 Indian Banks: Report

Highlights:

• C-Edge Technologies, provider of payment systems to small banks, impacted
• Source says only 0.5% of country's payment volumes was hit
• Attack came after a massive global Microsoft outage last month

A ransomware attack on a technology service provider has forced payment systems across nearly 300 small Indian local banks to shut down temporarily, two sources directly aware of the matter said.

The attack affected C-Edge Technologies, a provider of banking technology systems to small banks across the country, they said.

C-Edge Technologies did not respond to an email seeking comment.

The Reserve Bank of India, the country’s banking and payment system regulator, did not respond to Reuters' request for comment.

The National Payment Corporation of India (NPCI), an authority that oversees payment systems, in a public advisory issued late on Wednesday, said that it had "temporarily isolated C-Edge Technologies from accessing the retail payments system operated by NPCI".

"Customers of banks serviced by C-Edge will not be able to access payment systems during the period of isolation," the NPCI said.

Nearly 300 small banks have been isolated from the country’s broader payment network to prevent any wider impact, the sources, who are officials at a regulatory authority, said.

"Most of these are small banks and only about 0.5 per cent of the country’s payment system volumes would be impacted,” said one of the sources.

India has nearly 1,500 cooperative and regional banks which mostly have operations outside big cities. It is some of these banks that have been affected, sources said.

NPCI is conducting an audit to ensure that the attack does not spread, the second source said.

The RBI and the Indian cyber authorities have warned Indian banks about possible cyber attacks in the past few weeks, banking industry sources and the first source said.