Press "Enter" to skip to content

India NACH Data Breach Exposes 273,000 Bank Records

A massive data breach in India exposed over 273,000 bank transfer records containing sensitive personal and financial information. Cybersecurity firm UpGuard discovered that these records were hosted on an unsecured server linked to the National Automated Clearing House (NACH), which handles high-volume payments like salaries, loan disbursements, and recurring transfers.

Details of the Breach

The exposed data included PDF files with account numbers, personal details, and bank transaction records. These records were associated with at least 38 banks. The breach reportedly began in April 2025, and the server remained publicly accessible until it was secured after notification.

UpGuard analyzed a sample of 55,000 files (42GB out of 210GB total) and found that:

  • The earliest documents date back to April 10, 2025.
  • Approximately 3,000 new files were being added daily.
  • Most transactions involved large banks, but some smaller institutions were disproportionately represented.
  • Top affected institutions included Aye Finance (59.6%), SBI (24.22%), and Muthoot Capital (13.3%).

Who Discovered the Breach?

Cybersecurity firm UpGuard first detected the exposed server in late August 2025. The server contained 273,000 PDF files, accessible to anyone with the link. UpGuard immediately reported the incident to affected organizations, including:

  • Aye Finance
  • National Payments Corporation of India (NPCI)

Despite notifications, several organizations denied responsibility for the breach, raising concerns about accountability in cybersecurity.

Government Involvement

After reporting, UpGuard alerted CERT-In (India’s Computer Emergency Response Team). The data was subsequently secured. However, it is still unclear:

  • Who exactly caused the breach
  • Who is responsible for notifying affected individuals
  • Which organization is accountable for the lapse in security

Implications of the Breach

This incident highlights the increasing risks to personal and financial data in India. Key concerns include:

  • Cybersecurity accountability: No organization has officially taken responsibility.
  • Data privacy: Sensitive bank and personal information was exposed.
  • Systemic risk: Multiple banks and financial institutions are affected.

Individuals whose data may have been exposed are advised to:

  • Monitor bank accounts for suspicious activity
  • Report unauthorized transactions immediately
  • Change passwords and security settings for online banking

Conclusion

The NACH data breach is a stark reminder of the importance of data security and transparency in India’s financial system. While the exposed data has now been secured, questions about responsibility and proper handling of such sensitive information remain unanswered. Strengthening cybersecurity measures is essential to prevent similar incidents in the future.

Be First to Comment

    Leave a Reply

    Your email address will not be published. Required fields are marked *