ICICI Bank, one of India's top private banks, has released sensitive data on thousands of new credit cards to customers who were not the intended recipients.
The Mumbai-based bank confirmed to TechCrunch on Thursday that its digital channels had “erroneously mapped” approximately 17,000 credit cards issued over the past few days to the “wrong” users. The issue comes after some customers took to social media to complain about the bank's iMobile Pay app exposing unknown customers' credit card details, including the full number and Card Verification Value (CVV). This came to light after I raised my concerns.
“Our customers are our top priority and we are fully committed to protecting their interests,” Kaushik Dutta, head of corporate communications at ICICI Bank, said in an emailed statement to TechCrunch. mentioned in. “We apologize for any inconvenience this may cause. No cases of misuse of cards from this set have been reported to us. However, in the event of financial loss, the bank will ensure that the customer is adequately compensated. I guarantee you that.”
The spokesperson added that the number of affected credit cards accounted for approximately 0.1% of the bank's credit card portfolio.
As reported by financial forum Technofino, sensitive data such as the complete card number, expiry date, and CVV of an unknown customer's credit card was suddenly visible to some users on the iMobile Pay app.
“Security flaw in iMobile app allows access to someone else's Amazon Pay CC. OTP restricts domestic transactions, but iMobile app details can be used to make international transactions,” users said. one person wrote on the forum.
A bank spokesperson told TechCrunch that they are blocking the affected cards and issuing new cards to customers.
ICICI Bank has over 6,000 branches in India and branches in 17 countries around the world. The iMobile Pay app, launched in 2008, has over 28 million users.