IDFC FIRST Bank Targeted by Everest Ransomware Group

Company Overview

IDFC FIRST Bank, established in 2018, is a universal bank headquartered in Mumbai, India, offering a wide range of personal banking services. These services include personal accounts, loans, investments, and payments solutions, tailored to meet the diverse needs of its customers. The bank has been acknowledged for its digital innovation, securing the title of 'Best Digital Bank' for the year 2021-2022 by Financial Express India's Best Banks Awards 2023.

Vulnerabilities and Targeting

The precise vulnerabilities exploited in the attack on IDFC FIRST Bank by the Everest ransomware group have not been publicly disclosed. Despite the bank's assertion of maintaining the highest security standards and the resilience of its systems, the attackers have reportedly leaked a zip archive containing approximately 230MB of data. This data allegedly includes customer information, documents, copies of loan agreements, and other sensitive documents, indicating a significant breach of security.

The incident underscores the persistent cyber threats facing the financial sector and the importance of continuous vigilance and investment in advanced cybersecurity measures. Financial institutions, regardless of their security posture, remain prime targets for cybercriminals, emphasizing the need for robust security frameworks to safeguard sensitive customer information and maintain trust.

Sources

• From Kotak Life Insurance And IDFC First Bank To State Bank Of India And Turtlemint, BFSI Is Under Cyberattack - Forbes India. URL: Forbes India Article
• Indian bank IDFC denies it was affected by Windows ransomware. URL: DataBreaches.net Article
• Hackers Claim to Possess Database of IDFC First Bank - Privacy Affairs. URL: Privacy Affairs Article