How Safe Is Your Personal Data with Your Bank? Experts Respond to Security Threats

In an era dominated by digital transactions, data privacy stands as a paramount concern, especially within the banking-finance sector. Recent revelations paint a grim picture, with reports of widespread data breaches, leaks of sensitive information, and a surge in cyber threats. Similarly, concerns have been raised over the issuance of Digital Life Certificate (DLC) for pensioners from banks.  

‘Save Banks Save Nation’ Forum writes to RBI
The 'Save Banks Save Nation' Forum (Bank Bachao Desh Bachao Manch, abbreviated as BBDBM), has addressed a letter to the RBI Governor, urging immediate intervention to safeguard data privacy and security in the administration of the DLC for pensioners. They also expressed concern over the outsourcing of database management, which includes sensitive biometric data. This outsourcing, BBDBM argues, poses a significant risk to the security of  personal information.

Speaking to Kanal, Soumya Dutta, the Joint Secretary of BBDBM, highlighted the tech barrier faced by elderly individuals, making them more susceptible to potential security breaches as the banking sector undergoes a digital shift. “RBI's urgent intervention is required to ensure the protection of pensioners' data and to mitigate the risks associated with the move towards digital banking”, he said.

Indian Banks Report 248 Data Breaches in 4 Years
Indian banks have reported a total of 248 data breaches over the span of four years, according to a statement given by the Ministry of Finance in Parliament in August 2022.  Between June 2018 and March 2022, 41 incidents occurred in Public Sector Banks (PSBs), while Private Banks accounted for 205 cases and Foreign Banks for two cases. The government also stated that the RBI has issued guidelines to address and prevent such breaches.

In recent news, the UCO bank encountered a catastrophe in which the Public Sector Bank(PSB) lost ₹820 Crore wrongly credited to different accounts from 10 to 13 November, 2023. Following  the incident, the Ministry of Finance has again issued a warning, urging PSBs to enhance cybersecurity measures to counter data privacy breaches and associated financial frauds. 

6 Among 10 Indians Report Data Breach by Lenders
A survey revealed in November 2022 that a significant 59% of Indians have reported being approached by alternate service providers with detailed offers similar to their existing loans. This exposes their data has been shared by the lenders with a third party without consent. The survey found 6 in 10 citizens believe that their personal data has been compromised by money lending financial institutions whereas 4 in 10 allege insurance companies and 3 in 10 allege banks for the same. 

50% Increase in Data Leaks from Banking-Finance Sector: Dell Study 2023
A recent study report by Dell Technologies that came out in March 2023 has identified a concerning 50% increase in data leaks from the Banking and Finance sector. This underscores the growing vulnerability of sensitive information within the industry. 

Bank Employees Not Immune to Data Privacy Breach
The State Bank of India (SBI) reported a serious data privacy breach in July 2023 where sensitive information of 12,000 of its employees was leaked on Telegram channels, indicating the vulnerability of data privacy even within the banking fraternity.

The Aadhaar Data Leak and Its Implications
Despite the Supreme Court's declaration that Aadhaar is not mandatory, its practical integration in the banking and other sectors remains widespread. The ongoing linkage of Aadhaar with the bank accounts implies that the recent Adhaar Data Breach exposing the sensitive information belonging to 81 crore Indians on dark web, also makes them vulnerable to the risk of bank frauds.

In this context, Data Privacy Activist Hrishikesh Bhaskaran who has been vocal against the privacy breach and surveillance aspects of Aadhaar puts his case. “This alarming breach underscores the urgent need for enhanced cybersecurity measures within the banking industry, urging authorities to reevaluate the reliance on Aadhaar in financial transactions. This continued linkage of Aadhaar makes it imperative for comprehensive safeguards to be implemented promptly, ensuring the security and privacy of individuals amid the evolving landscape of digital transactions”, he told Kanal.

BBDBM has also started a campaign against the linkage of Aadhaar with bank accounts. “The need of the hour is to build a country wide civil society movement to delink Aadhaar from deposit accounts to ensure security stakeholders”- they posted on X.

Image - A poster by BBDBM as part of the campaign against Aadhaar linkage.

Hrishikesh Bhaskaran added that “Sometimes mishaps occur due to lack of awareness of the personnel(who are collecting or handling digital data) about data security and potential threats. The false belief that Aadhaar is a foolproof identity system can also lead to trouble.  Financial institutions must train their staff on data security protocol - the dos and don'ts”.

All these pointers and issues raised by concerned people stress the urgent need to enforce a strong data protection law and the robust measures to be undertaken at policy level, institution level and personal level to safeguard against data privacy breaches and cybersecurity threats.