Hackers Steal Data From Leading Indian Bank

Uploaded on 2025-02-03 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Financial

The Bashe ransomware group has reportedly breached the ICICI Bank database, one of India’s leading private sector banks, and has subsequently claimed responsibility for the attack. The alleged attack has surfaced on the Dark Web, where the hackers  set a ransom deadline, threatening to expose sensitive information if their demands are not met.

ICICI Bank has its main office in Mumbai, India and is one of the India’s leading financial organisations and ICICI has yet to release a statement regarding the breach.

The bank operates in over 11 countries, and offers a wide range of banking and financial services for corporate and retail customers through various delivery channels. It specialises in the areas of investment banking, life, non-life insurance, venture capital and asset management.

The well known ransomware group, Bashe, has claimed responsibility for the data attack, alleging access to sensitive customer data and threatening its public release unless their ransom demands are met.

Upon reviewing the claims, India Today’s Open Source Intelligence (OSINT) team found inconsistencies that cast doubt on the legitimacy of the breach.

The group claims to be in possession of confidential data stolen from the bank and says it gave the bank until January 24 to pay a ransom to regain access to the stolen data. According to screenshots shared on X, formerly Twitter, the stolen data includes the sensitive personal data of ICICI bank’s customers, including their names, addresses, gender and more.

While the group did not reveal the amount of the stolen data, it has given an option to “buy data immediately” to interested buyers.

This is not the first time ICICI bank has faced such allegations. In April 2023, security researchers at Cybernews went public to state that they discovered a misconfigured and publicly-accessible Digital Ocean bucket that contained more than 3.6 million files belonging to ICICI Bank.

ICICI Bank, in a 2023 statement shared with the media, said that the report about the bank suffering a data breach was “baseless and mischievous.” In its Q4 performance call, the bank’s Executive Director Sandeep Batra called the report “baseless and mischievous” and said there is no trace of evidence on the data getting leaked.

TEISS     |    ICICI Bank    |   India Today    |   TEISS   Checkpoint    |   Cybersecurity News     |    NP / AV

Image: @ICICBank

You Might Also Read: 

The Leading Indian Cyber Security Companies (extract):

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Defending The Gig Economy Against API Attacks
British Engineering Company Attacked »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Oxygen Forensics

Oxygen Forensics

Oxygen Forensics offer the most advanced forensic data examination tools for mobile devices and cloud services.

ACME Communications

ACME Communications

ACME Communications specialises in the field of data centre, implementation, maintenance & operation and all aspects of other IT service.

Cross Identity

Cross Identity

Cross Identity (formerly Ilantus Technologies) is a complete IAM solution that is deep, comprehensive, and can be implemented even by non-IT persons.

National Agency for Information & Communication Technologies (ANTIC) - Cameroon

National Agency for Information & Communication Technologies (ANTIC) - Cameroon

ANTIC is responsible for regulating the activities of electronic security and regulation of the Internet in Cameroon.

Ikarus Security Software

Ikarus Security Software

Ikarus focuses on antivirus and content-security solutions.

Dubai Electronic Security Center (DESC)

Dubai Electronic Security Center (DESC)

Dubai Electronic Security Center (DESC) was founded to develop and implement information security practices in Dubai.

Destel

Destel

Destel is a system integrator and provider of IT services focused on Advanced Network & Security Solutions.

Eperi

Eperi

Eperi is a leading provider of Cloud Data Protection (CDP) solutions with 15 years of experience in data encryption for databases, (SaaS) applications and files.

CyberSheath Services International

CyberSheath Services International

CyberSheath integrates your compliance and threat mitigation efforts and eliminates redundant security practices that don’t improve and in fact might probably weaken your security posture.

Tugboat Logic

Tugboat Logic

Tugboat Logic was created to address the skills and expertise gap in the security and compliance industry. Our goal is to simplify and automate information security management for every enterprise.

Soteria

Soteria

Soteria is a global leader in the development, integration and implementation of advanced cyber security, intelligence and IT solutions, delivering complete end-to-end solutions.

SEIRIM

SEIRIM

SEIRIM delivers cybersecurity solutions in Shanghai China specializing in Web Application Security, Network Security for SME's, Vulnerability Management, and serving as Managed Security as a Service.

Alias

Alias

Alias (formerly Alias Forensics) provide penetration testing, vulnerability assessments, incident response and security consulting services.

Aceiss

Aceiss

Aceiss empowers access security, providing unprecedented visibility and insights into user access.

Cyber Legion

Cyber Legion

Cyber Legion Ltd is a UK-based Cyber Security as a Service (CSaaS) start-up that provides IT security testing services to various organizations around the globe.

McKinsey & Company

McKinsey & Company

McKinsey & Company is a global management consulting firm. We are trusted advisor to the world's leading businesses, governments, and institutions.