A recent ransomware attack has caused disruptions in the payment systems of nearly 300 small local banks in India. This incident has led to the temporary unavailability of services such as ATM cash withdrawals and UPI transactions for the affected banks’ customers. The attack targeted C-Edge Technologies, a provider of banking technology systems to small banks across the country. Although other banking services are reportedly operating as usual, the National Payments Corporation of India (NPCI) confirmed that C-Edge Technologies has been impacted by the ransomware attack, resulting in the temporary isolation of their systems from accessing NPCI-operated retail payment systems.
Dileep Sanghani, chairman of the National Cooperative Union of India, revealed that approximately 300 banks, including 17 district cooperative banks in Gujarat, have been experiencing difficulties for the past few days. The outage has affected online transactions such as RTGS and UPI payments, with funds being deducted from the sender’s account but not credited to the recipient’s account.
NPCI informed Reuters that customers of banks serviced by C-Edge will be unable to access payment systems during the isolation period. Restoration efforts are underway in collaboration with C-Edge Technologies, along with a mandatory security review. The breach, which was discovered two days ago, has prompted necessary precautions to safeguard the broader payments system, including the isolation of the C-Edge system.
This joint venture between SBI and TCS primarily serves cooperative banks and regional rural banks, and while the breach has impacted these institutions, other banking services have remained unaffected. Although the affected banks represent less than 1% of the total payment system volume in the country, further measures, including a third-party audit, have been initiated to address the ransomware incident. Despite the disruption, no financial losses have been reported.