Central Depository Reports Malware Intrusion, Says Data Safe

Central Depository Reports Malware Intrusion, Says Data Safe

SUMMARY

CDSL says there is no reason to believe any confidential information or investor data was compromised

The central depository said that it has isolated the machines and has disconnected itself from other constituents of the capital market

A Google executive had estimated that the country saw 18 Mn cyberattacks and 2 Lakh threats per day in the first quarter of 2022

In an incident that has raised alarm, the Central Depository Services Limited (CDSL) on Friday (November 18) said that it detected malware in a few of its internal machines.

“As per initial findings, there is no reason to believe that any confidential information or the investor data has been compromised,” said CDSL in a regulatory filing.

The central depository said that it isolated the machines after the incident came to light and immediately disconnected itself from other constituents of the capital market. The CDSL website has now been offline for more than 12 hours now.

CDSL said that it has already reported the incident to relevant authorities and was working with cyber security advisors to analyse the impact of the breach. 

“Resolution of the incident is in process, subsequent to which settlement activities would be completed,” added the government arm. 

Meanwhile, the central depository said that clearing and settlement processes were affected due to the incident, adding that the payout of funds and securities would be delayed.

Founded in 1999, CDSL is the country’s largest securities depository institution that manages Demat or stock broking accounts for millions of stock market investors. 

Promoted by banking giants such as the State Bank of India, Bank of Baroda, Axis Bank and HDFC Bank, CDSL maintained and serviced more than 7.34 Cr Demat accounts, as of September. It also catered to 19,301 companies, holding INR 38 Lakh Cr worth of securities in its Demat custody. 

Cybersecurity Under Lens

This is not the first time that CDSL has been hit by a cyberattack. In November last year, one of the depository’s subsidiaries, CDSL Ventures, was found storing the personal and financial data of 4.39 Cr Indian investors in an unsecured manner.

A month prior, a cybersecurity firm had discovered another critical security vulnerability in CDSL, which allegedly exposed extremely sensitive personal and financial data of more than 43.9 Mn Indian investors. 

Apart from the depository, multiple government arms have also made the headlines for similar reasons. In October, it was widely reported that Chinese government-backed hackers had allegedly targeted India’s National Informatics Centre (NIC) in a cyberattack. 

Earlier this year, Chinese cyber attackers allegedly broke into a network of seven power grid hubs in north India, including Ladakh. In the same month, Oil India Limited (OIL) also suffered a major cyberattack where perpetrators demanded $75,00,000 in Bitcoin as ransom. 

Last month, messaging platform WhatsApp also had a massive outage that lasted for more than two hours. While the platform blamed it on a technical glitch, it also submitted a report on the matter to the Ministry of electronics and information technology (MeitY).

Such has been the scale that even central leaders have raised alarm over the matter. Earlier, defence minister Rajnath Singh called for a concerted global effort to counter emerging security threats such as cyber attacks and information warfare.

Market watchdog Securities and Exchange Board of India (SEBI) is also purportedly working on a cyber security framework to address issues related to cyber fraud, data leaks and hacking of trading accounts.

Previously, Google estimated that the country saw 18 Mn cyberattacks and 2 Lakh threats per day in the first quarter of 2022. A report estimates that Indian firms lost an average of INR 17.6 Cr in the financial year 2021-22 (FY22) on account of data breaches.

Step up your startup journey with BHASKAR! From resources to networking, BHASKAR connects Indian innovators with everything they need to succeed. Join today to access a platform built for innovation, growth, and community.

Note: We at Inc42 take our ethics very seriously. More information about it can be found here.

You have reached your limit of free stories
Become An Inc42 Plus Member

Become a Startup Insider in 2024 with Inc42 Plus. Join our exclusive community of 10,000+ founders, investors & operators and stay ahead in India’s startup & business economy.

2 YEAR PLAN
₹19999
₹7999
₹333/Month
UNLOCK 60% OFF
Cancel Anytime
1 YEAR PLAN
₹9999
₹4999
₹416/Month
UNLOCK 50% OFF
Cancel Anytime
Already A Member?
Discover Startups & Business Models

Unleash your potential by exploring unlimited articles, trackers, and playbooks. Identify the hottest startup deals, supercharge your innovation projects, and stay updated with expert curation.

Central Depository Reports Malware Intrusion, Says Data Safe-Inc42 Media
How-To’s on Starting & Scaling Up

Empower yourself with comprehensive playbooks, expert analysis, and invaluable insights. Learn to validate ideas, acquire customers, secure funding, and navigate the journey to startup success.

Central Depository Reports Malware Intrusion, Says Data Safe-Inc42 Media
Identify Trends & New Markets

Access 75+ in-depth reports on frontier industries. Gain exclusive market intelligence, understand market landscapes, and decode emerging trends to make informed decisions.

Central Depository Reports Malware Intrusion, Says Data Safe-Inc42 Media
Track & Decode the Investment Landscape

Stay ahead with startup and funding trackers. Analyse investment strategies, profile successful investors, and keep track of upcoming funds, accelerators, and more.

Central Depository Reports Malware Intrusion, Says Data Safe-Inc42 Media
Central Depository Reports Malware Intrusion, Says Data Safe-Inc42 Media
You’re in Good company