Hackers Steal Data From Leading Indian Bank

Uploaded on 2025-02-03 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Financial

The Bashe ransomware group has reportedly breached the ICICI Bank database, one of India’s leading private sector banks, and has subsequently claimed responsibility for the attack. The alleged attack has surfaced on the Dark Web, where the hackers  set a ransom deadline, threatening to expose sensitive information if their demands are not met.

ICICI Bank has its main office in Mumbai, India and is one of the India’s leading financial organisations and ICICI has yet to release a statement regarding the breach.

The bank operates in over 11 countries, and offers a wide range of banking and financial services for corporate and retail customers through various delivery channels. It specialises in the areas of investment banking, life, non-life insurance, venture capital and asset management.

The well known ransomware group, Bashe, has claimed responsibility for the data attack, alleging access to sensitive customer data and threatening its public release unless their ransom demands are met.

Upon reviewing the claims, India Today’s Open Source Intelligence (OSINT) team found inconsistencies that cast doubt on the legitimacy of the breach.

The group claims to be in possession of confidential data stolen from the bank and says it gave the bank until January 24 to pay a ransom to regain access to the stolen data. According to screenshots shared on X, formerly Twitter, the stolen data includes the sensitive personal data of ICICI bank’s customers, including their names, addresses, gender and more.

While the group did not reveal the amount of the stolen data, it has given an option to “buy data immediately” to interested buyers.

This is not the first time ICICI bank has faced such allegations. In April 2023, security researchers at Cybernews went public to state that they discovered a misconfigured and publicly-accessible Digital Ocean bucket that contained more than 3.6 million files belonging to ICICI Bank.

ICICI Bank, in a 2023 statement shared with the media, said that the report about the bank suffering a data breach was “baseless and mischievous.” In its Q4 performance call, the bank’s Executive Director Sandeep Batra called the report “baseless and mischievous” and said there is no trace of evidence on the data getting leaked.

TEISS     |    ICICI Bank    |   India Today    |   TEISS   Checkpoint    |   Cybersecurity News     |    NP / AV

Image: @ICICBank

You Might Also Read: 

The Leading Indian Cyber Security Companies (extract):

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Defending The Gig Economy Against API Attacks
British Engineering Company Attacked »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CyberDefenses

CyberDefenses

CyberDefenses services combine best-in-class cybersecurity oversight, managed services and training to help our clients truly address their cybersecurity challenges.

Sigma Payment Solutions

Sigma Payment Solutions

Sigma Payment Solutions offers a comprehensive suite of automated payment processing services, solutions, and technology to businesses in the USA.

Philippine National Police Anti-Cybercrime Group (PNP-ACG)

Philippine National Police Anti-Cybercrime Group (PNP-ACG)

The mission of the PNP Anti-Cybercrime Group is to implement and enforce pertinent laws on cybercrime and other cyber related crimes and pursue an effective anti-cybercrime campaign.

National Forensic Sciences University (NFSU) - India

National Forensic Sciences University (NFSU) - India

National Forensic Sciences University is the world’s first and only University dedicated to Digital Forensic and allied Sciences.

CultureAI

CultureAI

CultureAI deliver intelligent cyber security awareness education and tools that build resilient security cultures where employees help defend.

Ksmartech

Ksmartech

Ksmartech provide services related to security and authentication in all areas where the connection of people to objects, and objects and objects is necessary.

Bugraptors

Bugraptors

BugRaptors is a certified software testing company with extensive experience as a third-party testing vendor, effectively proven as a leader in software testing & QA Services.

Port53 Technologies

Port53 Technologies

Port53 Technologies is focused on delivering enterprise-grade, cloud-delivered security solutions that are easy to deploy, simple to manage and extremely effective.

Diateam

Diateam

Diateam is an R&D company specializing in computer security. Diateam develops highly innovative cyber range platforms and Industry-leading systems for cybersecurity training and testing labs.

Cira Info Tech

Cira Info Tech

Cira InfoTech’s cyber security and network consulting and managed services deliver unmatched talented resources and capabilities required to design and build an agile and adaptive IT environment.

Technology Innovation & Startup Centre (TISC)

Technology Innovation & Startup Centre (TISC)

TISC is a startup incubator at the Indian Institute of Technology Jodhpur (IITJ) and we back deep-tech startups.

Tego Cyber

Tego Cyber

Tego Cyber delivers a state-of-the-art threat intelligence platform that helps enterprises deploy the proper resolution to an identified threat before the enterprise is compromised.

stackArmor

stackArmor

stackArmor specializes in compliance and security-focused solutions delivered using our Agile Cloud Transformation (ACT) methodology.

AKIPS

AKIPS

AKIPS develops the world's most scalable network and infrastructure monitoring software, delivered as a turn-key software appliance.

Panoptic Cyber

Panoptic Cyber

Panoptic Cyber are a team of elite Armed Forces Veterans who hold a wealth of experience in Information Security, Cyber Security, Data Protection and Risk Management.

Clutch Security

Clutch Security

Clutch Security are on a mission to secure all Non-Human Identities. Everywhere.