

MUMBAI: PNB has denied that any card data breach has been detected in its IT infrastructure. The bank has also denied appointing PwC to probe the over Rs 11,300-crore Nirav Modi fraud .

In a statement to the stock exchange, the bank refuted reports that details of 10,000 credit and debit cardholders of the lender have been leaked online. “Bank’s security infrastructure is strong enough and it has taken all necessary technology steps to safeguard customer data,” the statement to the stock exchange said.

On Thursday, there were reports that information security firm CloudSek had tipped off the bank about a data breach. “We have a crawler that is deployed in the dark/deep web. These are sites on the internet which are not indexed by Google or other major search engines. They are used to buy and sell sensitive data illegally,” chief technical officer Rahul Sasi was quoted as saying by a news site Asia Times. He added that the crawler detects such data and sends it to a machine learning software, which identifies suspicious data.

The Dark Web is used to refer to the part of the World Wide Web which is accessible only by means of special software allowing users to remain anonymous and untraceable. It is a domain used for illegal online activity. The data available for sale in the Dark Web included names, expiry dates, personal identification numbers and card verification values (CVV), according to the news website.

Denying the appointment of PwC, PNB said that it had initiated the process of assigning forensic audit in the accounts of the Nirav Modi group and bids were invited from major audit firms. “Bid from PwC was also received, but in view of Sebi order dated January 10 (barring PwC from auditing listed companies for 2 yeas), the same has not been considered,” the statement to the exchange said. PNB is now in the process of finalising the forensic audit allocation among the remaining bidders.

