Small Banks' Customers Face Service Disruption Due to C-Edge Ransomware Attack

Customers of nearly 300 small lenders across India have faced disruptions in payment services due to a ransomware attack on technology service provider C-Edge Technologies. This issue has affected cooperative and regional rural banks relying on C-Edge, a joint venture between SBI and TCS. Officials confirmed that other banking services remain operational.

The breach was discovered two days ago, prompting immediate isolation of the C-Edge system to safeguard the broader payments network. Despite the disruption, there have been no reports of financial losses. "C-Edge Technologies…has been possibly impacted by a ransomware attack impacting a few of their systems," stated the National Payments Corporation of India (NPCI) in an evening announcement.

Ransomware Attack Impact

The NPCI had to temporarily disconnect C-Edge from accessing retail payment systems to contain the issue. Restoration efforts are ongoing, with a comprehensive security review in progress. A senior industry official mentioned that a third-party audit was conducted after isolating the ransomware. The system is expected to be operational by Thursday morning or afternoon.

National Cooperative Union of India chairman Dileep Sanghani reported that around 300 banks, including 17 district cooperative banks in Gujarat, have been experiencing issues for the past two-three days. "All online transactions, such as RTGS and UPI payments, are affected. Money is deducted from the sender's account but does not get credited in the receiver's account," said Sanghani, who also chairs Amreli District Central Cooperative Bank.

Efforts to Restore Services

Sanghani noted that banks have been facing these problems since July 29, with C-Edge officials attributing it to a technical fault. No representatives from C-Edge were available for comment at the time. The company's website states, "The solutions and services provided by us have a strong domain and technology focus that assists all our clients to maximise the value of their IT spend, reduce transaction costs and enhance customer satisfaction."

The affected banks represent less than 1% of the overall payment system volume in India, according to an industry official. Restoration work is being conducted urgently alongside C-Edge Technologies, with a necessary security review underway.

Despite the significant inconvenience caused by this attack, officials assured that other banking services continue to function normally. The focus remains on restoring full service as quickly as possible while ensuring robust security measures are in place.

The incident highlights the vulnerability of financial institutions to cyber-attacks and underscores the importance of stringent cybersecurity protocols. As efforts to resolve the issue continue, customers are advised to remain patient and vigilant regarding their transactions.