The NPCI said that the connection with C-Edge Technologies has been re-established following a security review by an independent forensic auditing firm
With this, UPI services are back online for about 300 small banks that were impacted by the cyberattack
On July 31, a ransomware attack at C-Edge, a technology service provider for cooperative and regional rural banks, hit UPI payments at many of its client banks
A day after a ransomware attack hit C-Edge Technologies, a technology service provider for banks, the National Payments Corporation of India (NPCI) said that the issue has been resolved.
The ransomware attack at C-Edge, which provides services to cooperative and regional rural banks, led to the NPCI temporarily isolating the service provider from accessing its retail payment systems.
In a statement on Thursday (August 1), the payments body said that the connection with C-Edge has been re-established following a security review by an independent forensic auditing firm.
With this, UPI services are back online for about 300 small banks that were impacted by the cyberattack.
“Investigation confirms that the impacted systems have been isolated by C-Edge to contain potential spread of the ransomware. Further, necessary security reviews have been conducted by the auditor to ensure that the rest of the infrastructure is clean,” the NPCI said in a statement.
The payments body also said that the impact was limited to the systems hosted in C-Edge’s own data centre. It added that the infrastructure of the impacted cooperative banks or regional rural banks were not affected by the attack.
“The services of co-operative banks and regional rural banks, which were dependent on C-Edge, have now been restored. With this, respective banks shall be able to offer (a) full range of services seamlessly to their customers, as it was before,” added NPCI.
A ransomware attack typically involves a malware that encrypts files such that users are barred access to them. Hackers restore user access if they are given ransom in return of a decryption key.
While there is no clarity on which banks were impacted by the attack, C-Edge’s website mentions Meghalaya Cooperative Apex Bank, Meghalaya Rural Bank, Maharashtra Gramin Bank as its clients.
C-Edge, set up in 2010 to provide technology-related services to small banks, is a joint venture (JV) between Tata Consultancy Services (TCS) and State Bank of India (SBI).
This comes at a time when cyberattacks on Indian companies are on the rise. As per a report, nearly 64% of surveyed Indian organisations faced ransomware attacks in 2023, with average ransomware demands hovering around $4.8 Mn.
