Hundreds of Indian Banks Went Offline as Ransomware Attack Hit Local Tech Provider

• A ransomware attack targeted a technology provider that works with numerous banks in India.
• The cyberattack forced their systems offline, affecting the customers of hundreds of small banks nationwide.
• Local authorized entities cut the company’s access to the retail payments system while the audit is ongoing.

Approximately 300 small Indian local banks were forced to shut down their payment systems after technology service provider C-Edge Technologies suffered a ransomware attack, a new Reuters report mentions, citing two relevant sources. The provider offers banking technology systems to small banks in India.

C-Edge Technologies was “temporarily isolated from accessing the retail payments system” operated by the National Payment Corporation of India (NPCI), according to a public advisory on Wednesday. NPCI is conducting an audit, as per one of the sources.

NPCI, which oversees payment systems, announced that people who work with cooperative and regional banks that use C-Edge will lose access to payment systems as a result. These banks primarily operate outside big cities.

C-Edge Technologies is a joint venture between software giant TCS and the State Bank of India that provides payment technology, core banking systems, and compliance solutions for banks. The ransomware attack impacted UPI, IMPS, and other retail payment services.

Officials at a regulatory authority said the impacted financial institutions were cut off from the country’s broader payment network as a preventive measure. Since these are small banks, “only about 0.5% of the country’s payment system volumes would be impacted.”

Sources said the RBI and the Indian cyber authorities have warned Indian banks about possible cyber attacks in the past few weeks. 

This month, a Ukrainian cyberattack on Russian banks caused significant disruptions, reportedly impacting social apps, Internet providers, and public transportation payments. This was part of a larger, ongoing Ukrainian cyber operation in the backdrop of the conflict between the two countries.

In early July, a huge trove of data from the U.S. Evolve Bank was sold on a hacker forum as a result of a ransomware attack. The security incident sent ripples to third parties, impacting the customer database of money transfer and fintech firm Wise and the Affirm Holdings card company.