Hackers Steal Data From Leading Indian Bank

Uploaded on 2025-02-03 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Financial

The Bashe ransomware group has reportedly breached the ICICI Bank database, one of India’s leading private sector banks, and has subsequently claimed responsibility for the attack. The alleged attack has surfaced on the Dark Web, where the hackers  set a ransom deadline, threatening to expose sensitive information if their demands are not met.

ICICI Bank has its main office in Mumbai, India and is one of the India’s leading financial organisations and ICICI has yet to release a statement regarding the breach.

The bank operates in over 11 countries, and offers a wide range of banking and financial services for corporate and retail customers through various delivery channels. It specialises in the areas of investment banking, life, non-life insurance, venture capital and asset management.

The well known ransomware group, Bashe, has claimed responsibility for the data attack, alleging access to sensitive customer data and threatening its public release unless their ransom demands are met.

Upon reviewing the claims, India Today’s Open Source Intelligence (OSINT) team found inconsistencies that cast doubt on the legitimacy of the breach.

The group claims to be in possession of confidential data stolen from the bank and says it gave the bank until January 24 to pay a ransom to regain access to the stolen data. According to screenshots shared on X, formerly Twitter, the stolen data includes the sensitive personal data of ICICI bank’s customers, including their names, addresses, gender and more.

While the group did not reveal the amount of the stolen data, it has given an option to “buy data immediately” to interested buyers.

This is not the first time ICICI bank has faced such allegations. In April 2023, security researchers at Cybernews went public to state that they discovered a misconfigured and publicly-accessible Digital Ocean bucket that contained more than 3.6 million files belonging to ICICI Bank.

ICICI Bank, in a 2023 statement shared with the media, said that the report about the bank suffering a data breach was “baseless and mischievous.” In its Q4 performance call, the bank’s Executive Director Sandeep Batra called the report “baseless and mischievous” and said there is no trace of evidence on the data getting leaked.

TEISS     |    ICICI Bank    |   India Today    |   TEISS   Checkpoint    |   Cybersecurity News     |    NP / AV

Image: @ICICBank

You Might Also Read: 

The Leading Indian Cyber Security Companies (extract):

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Defending The Gig Economy Against API Attacks
British Engineering Company Attacked »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

US Cyber Command (USCYBERCOM)

US Cyber Command (USCYBERCOM)

USCYBERCOM conducts activities to ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries.

e-Governance Academy (eGA)

e-Governance Academy (eGA)

eGA is a think tank and consultancy founded for the transfer of knowledge and best practice in e-governance, e-democracy and national cyber security.

Ceerus

Ceerus

Ceerus was created to simplify the process of deploying and managing security across all the channels in an organisation.

ThreatBook

ThreatBook

ThreatBook is dedicated to providing real-time, accurate and actionable threat intelligence to block, detect and prevent attacks.

IPQualityScore (IPQS)

IPQualityScore (IPQS)

IPQS anti-fraud tools provide a real-time fraud score to analyze how likely a user or visitor is to engage in fraudulent behavior.

Irish National Accreditation Board (INAB)

Irish National Accreditation Board (INAB)

INAB is the national accreditation body for Ireland. The directory of members provides details of organisations offering certification services for ISO 27001.

Gorodissky IP Security

Gorodissky IP Security

Gorodissky IP Security is a comprehensive approach to protecting your intellectual property on the Internet and beyond.

Intersistemi Italia

Intersistemi Italia

Intersistemi is a leading Italian company in the field of information technology integration and digital transformation including cybersecurity.

Trusted Technologies and Solutions (TTS)

Trusted Technologies and Solutions (TTS)

TTS is a security consulting company specialised on business continuity and crisis management, information security management, information risk management and identity and access management.

Zyston

Zyston

Zyston's solutions provide end-to-end management of your cybersecurity needs. Our range of services help protect your business where it needs it the most.

Armolon

Armolon

Armolon provides comprehensive data breach and cybersecurity, as well cybersecurity audits and certifications, and disaster recovery/business continuity services to clients.

U2opia Technology

U2opia Technology

U2opia is a consortium with a proven track record of delivering groundbreaking technology, cybersecurity, and innovative business solutions.

Arista Middle East

Arista Middle East

Arista Middle East is part of Global Arista Technologies specializing in OT Cybersecurity.

Cognna

Cognna

Cognna's innovative platform is designed to empower you and your team, providing the tools you need to detect, prevent, and resolve threats with ease.

BetterWorld Technology

BetterWorld Technology

BetterWorld Technology provides cloud solutions, managed services, SaaS, cybersecurity and virtual CIO, all customized to meet your needs.

nodeQ

nodeQ

At nodeQ, we are pioneering the future of computer networks, leveraging our deep expertise in quantum communication, artificial intelligence, and software-defined networking.