Bank of India hack

September 3, 2007 at 10:02 pm Leave a comment

Stories about how Bank of India’s website was compromised to spew out malware to visitors are all over the place. If you haven’t yet caught up on this news, SunbeltBlog broke the story and has a blow by blow account. There is also a YouTube video and many, many stories around the Net such as in The Register.

Sadly, it is neither the first nor the last organisation that has paid the price for not patching its systems. But surely one should expect better from a large, respected bank?

For me, the really sad part is Bank of India’s reaction to the attack.

For hours after they were informed of the attack, they continued to let the website operate, continuing to infecting visitors. This is irresponsible.

India’s Economic Times quotes their general manager as saying, “We have taken up the matter with our technology-partner and all necessary action will be taken to rectify the matter. In my view, the users will not be faced with any major problems. However, we are not completely sure that an attack actually happened.” This is criminal ineptitude.

There seems to be no evidence of any disaster planning. No damage control, no communications to their customers, no evidence that the bank is fighting to save its reputation.

When I last checked, their website still had the message, “This site is under temporary maintenance till further notice. Kindly bear with us.” Yeah, right.

And that is a sad state of affairs.


Entry filed under: fraud, network, security, strategy, trust, video.

Wellington events coming up Australia’s Big Mother

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

Trackback this post  |  Subscribe to the comments via RSS Feed

This blog is no longer updated. See the About page for more info. I'm currently active on Twitter.

Follow me on twitter


%d bloggers like this: