Setting to rest the concerns of about 180 million customers, Punjab National Bank (PNB) has said that their personal data has seen no pilferage or breach of systems as alleged by a cyber security firm.

In a four-point clarification note, the country’s second-largest public sector bank said it thoroughly checked its systems and the reported attempt of perpetrator was monitored and checked.

“We have thoroughly checked our ICT systems those on Internet-facing and operating in the background. There has been no breach of systems and pilferage of any personal data of any of our customers and account holders,” the bank said.

CyberX9 had alleged that a vulnerability in the server of PNB exposed the personal and financial information of its about 180 million customers for about seven months. It also stated that the bank fixed the vulnerability when it was notified by the cyber security firm through CERT-In and NCIIPC.

PNB, however, clarified that all its critical ICT systems dealing with banking transactions are kept in a secure zone, called DM zone with multiple layers of protection. 

The bank has implemented stringent security controls in all its ICT (information and communications technology) systems. Data leak prevention solutions have been deployed, which prevent any unauthorised data to be sent through email.

“The said zone does not permit unauthorised access to anyone including internal staff. The ICT systems are monitored round the clock by competent staff at the security operation centre. The data at rest and transit are encrypted using proprietary algorithms,” the bank said. 

The bank is certified with International ISO 27001 best information security practices which are validated minimum every year and as and when significant up-gradation to the ICT systems is undertaken. These standards and best practices are also adopted in India, PNB said in a statement. 

“Our customers are very valuable to us. We assure our all customers that PNB, your bank, will strive hard to keep your personal data highly confidential meeting to the best possible standards. Towards this, PNB will always be at the forefront to implement the best available resources to implement the best security controls to secure the Information of our all customers," the bank added.