Hackers Steal Data From Leading Indian Bank

Uploaded on 2025-02-03 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Financial

The Bashe ransomware group has reportedly breached the ICICI Bank database, one of India’s leading private sector banks, and has subsequently claimed responsibility for the attack. The alleged attack has surfaced on the Dark Web, where the hackers  set a ransom deadline, threatening to expose sensitive information if their demands are not met.

ICICI Bank has its main office in Mumbai, India and is one of the India’s leading financial organisations and ICICI has yet to release a statement regarding the breach.

The bank operates in over 11 countries, and offers a wide range of banking and financial services for corporate and retail customers through various delivery channels. It specialises in the areas of investment banking, life, non-life insurance, venture capital and asset management.

The well known ransomware group, Bashe, has claimed responsibility for the data attack, alleging access to sensitive customer data and threatening its public release unless their ransom demands are met.

Upon reviewing the claims, India Today’s Open Source Intelligence (OSINT) team found inconsistencies that cast doubt on the legitimacy of the breach.

The group claims to be in possession of confidential data stolen from the bank and says it gave the bank until January 24 to pay a ransom to regain access to the stolen data. According to screenshots shared on X, formerly Twitter, the stolen data includes the sensitive personal data of ICICI bank’s customers, including their names, addresses, gender and more.

While the group did not reveal the amount of the stolen data, it has given an option to “buy data immediately” to interested buyers.

This is not the first time ICICI bank has faced such allegations. In April 2023, security researchers at Cybernews went public to state that they discovered a misconfigured and publicly-accessible Digital Ocean bucket that contained more than 3.6 million files belonging to ICICI Bank.

ICICI Bank, in a 2023 statement shared with the media, said that the report about the bank suffering a data breach was “baseless and mischievous.” In its Q4 performance call, the bank’s Executive Director Sandeep Batra called the report “baseless and mischievous” and said there is no trace of evidence on the data getting leaked.

TEISS     |    ICICI Bank    |   India Today    |   TEISS   Checkpoint    |   Cybersecurity News     |    NP / AV

Image: @ICICBank

You Might Also Read: 

The Leading Indian Cyber Security Companies (extract):

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Defending The Gig Economy Against API Attacks
British Engineering Company Attacked »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Network Integrity Systems

Network Integrity Systems

Network Integrity Systems is a leader in network infrastructure security and offers solutions specifically developed for Government and Private Enterprise.

CyberSeek

CyberSeek

CyberSeek provides detailed, actionable data about supply and demand in the cybersecurity job market.

Bunifu Technologies

Bunifu Technologies

Bunifu Technologies is an Information Security and Custom Software Development Company.

Cyberteq

Cyberteq

Cyberteq is an innovative Information and Communication Technology Consulting Company, enabling it’s customers to take full advantage of the latest technologies in a secure manner.

Grupo CFI

Grupo CFI

Grupo CFI is the largest Spanish network of data protection and cybersecurity professionals.

RHEA Group

RHEA Group

RHEA Group offers aerospace and security engineering services and solutions, system development, and technologies including cyber security.

Yelbridges

Yelbridges

Yelbridges offer high quality IT security & risk management services to mitigate business risks.

Capsule8

Capsule8

Capsule8 is the only company providing high-performance attack protection for Linux production environments.

Cysiv

Cysiv

Cysiv SOC-as-a-Service combines all the elements of an advanced, proactive, threat hunting SOC, with a managed security stack for hybrid cloud, network, and endpoint security.

HITRUST Alliance

HITRUST Alliance

HITRUST provides widely-adopted common risk and compliance management frameworks, related assessment and assurance methodologies.

Citalid

Citalid

The Citalid cyber risk management platform combines threat and business intelligence to identify the risks scenarios you face.

OmniCyber Security

OmniCyber Security

Omni is a cyber security firm specialising in Penetration Testing, Managed Security and Compliance.

LiveAction

LiveAction

LiveAction provides end-to-end visibility of network and application performance from a single pane of glass.

Schneider Downs

Schneider Downs

Schneider Downs & Co. provides accounting, tax and business advisory services through innovative thought leaders who deliver their expertise to meet the individual needs of each client.

Breathe Technology

Breathe Technology

Breathe Technology has been providing Managed IT Support/ Service Desk, Cloud Services, Cyber Security & Communications to businesses and schools since 2003.

Cyber Castle

Cyber Castle

Linux Demands Sophisticated, Purpose-Built Security. Cyber Castle is the solution. A safe, deployable platform down to the edge device for monitoring Linux security anywhere across the globe.