NPCI's decision to block C-Edge from retail payments system averted a systemic impact: RBI Governor
NPCI) decision to temporarily block C-Edge Technologies from the retail payments system averted a systemic impact, Reserve Bank of India Governor Shaktikanta Das said on Thursday. Nearly a fortnight ago, IT service provider C-Edge Technologies had been possibly impacted by a Ransomware attack impacting the retail payment systems of a few regional rural banks and co-operative banks.
«The NPCI's decision to block further transactions wherever this service provider had been engaged was to isolate the problem, and if that had not been done it could have produced a system wide impact,» said Shaktikanta Das, Governor, RBI. «That would have been far more costly.»
A ransomware attack by the RansomEXX group had hit India’s banking system and payment firms. The attack had primarily impacted Brontoo Technology Solutions, a key collaborator with C-EDGE, a joint venture between TCS and SBI. C-Edge had hired Brontoo Technology Solutions to deploy connectivity with Bharat Bill Payment System (BBPS).
The attack has prevented customers of around 300 small-sized lenders across the country from accessing payment services like withdrawing cash at ATMs or using UPI.
«The impact was on an IT service provider because one of its third party systems was impacted,» J Swaminathan, deputy governor, RBI. «Incidentally the entity was also providing similar third party services to many other smaller banks and RRBs. Since there was likelihood of risk transmitting to other systems, as a proactive measure they had to be shut off from the payment
