The Indian government’s cyber watchdog is investigating how security at two companies that are part of the country’s vast IT services industry was breached in a global ATM heist in which $45 million was stolen from two banks in the Middle East.
EnStage Inc., which operates from Bangalore, and ElectraCard Services, based in the Indian city of Pune, processed card payments for the two banks, several people familiar with the situation said.
“We are investigating the technical aspect,” Gulshan Rai, director general of the Indian Computer Emergency Response Team (CERT), told Reuters by phone on Sunday, adding that the agency started its investigation on Saturday.
U.S. prosecutors said on Thursday that hackers broke into two card-processing companies, raising the balances and withdrawal limits on accounts that were then exploited in coordinated ATM withdrawals around the world.
The prosecutors did not name the two companies but said one was based in India and the other in the United States.
While details of what happened are still sketchy, experts said the banks could bring claims against the processing companies in court, or they could file claims with their insurers and those of the processing companies.