Possible au bank credit card breach

[thomasjackson]

Hi;

I am able to view credit card details of other users in the AU 0101 app. Including full card number, expiry date, cardholders name and cvv, credit limit, etc.

AU bank cc users please take necessary precautions. I have blocked the unknown users card for his safety and mine

 

[Zacobite]

Ek SBI bachega bas
Baki sab ban honge lagra ab to

Reason;
SBI is the banker to every indian

SBI will be in 000,000,0000000s... these. small fry banks are no match.. just that sbi cards is a different company with GE so maybe the behavior will be different

 

[Pradumya]

Ek SBI bachega bas
Baki sab ban honge lagra ab to

Reason;
SBI is the banker to every indian

Also because RBI and SBI me 1 letter ka hi difference hai

 

[thomasjackson]

Op kuch purchase karke dekho hota kya??

I just blocked that card immediately. I think the app was glitching. Some times it was showing mine, other times some other users. I guess the issue is fixed now.

 

[Pollex]

Kya bawaseer hai yeh.

 

[Vasuki]

Kya bawaseer hai yeh.

Dolo se liver damage hone wali baat h ..
Bawaseer toh hoga phir 🤣
Au ne liya he itna bada injection

 

[RAMESH BABU N]

... Aaj Dil ko sukoon mila.....

Mujhe bhi....

AU - the 1st bank which did not give me a CC.
HDFC - the only bank which issued a CC to me AND blocked it on the same day.

 

[RAMESH BABU N]

@RAMESH BABU N sir can u share some points on the possible reasons?

No idea.

But, ENJOYING the circus n hungama...

 

[Anil_Singh]

Mujhe bhi....

AU - the 1st bank which did not give me a CC.
HDFC - the only bank which issued a CC to me AND blocked it on the same day.

Are sir.. aap ko bhi?

 

[D7162]

Couple of days back, indusind bank shown me other user card data once, he has aura card, but after few sec and navigation back and forth, it disappeared

Seems like glitch in every bank

 

[RAMESH BABU N]

Are sir.. aap ko bhi?

Haa bhai haa...

The only reply I got was "Sir, please apply after 6 months". No other reason. I spoke to the Nodal Officer. He too said the same thing. I was wondering whether they have exhaused the plastic and their supplier must be needing 6 months to ship.

I chose to ignore AU.

 

[Walter White]

Raat ko aaram se sone bhi nhi denge yeh banks. Saare hi card disable karke rakhne padenge kya sone se pehle? 🙄

 

[RAMESH BABU N]

Jokes apart...

AU got a policy of verifying both the office n residence addresses - and both mist be in their serviceable towns/cities.

My Company's Registered Office is in Vijayawada - the Capital of AP. AU says it is not serviceable. So, they can't issuea CC.

By then, they (as well as we) knew about the impending merger of Fincare into AU. Fincare have 3 branches in Vijayawada. So, now, AU can give CCs for Vijayawada addresses also.

 

[Zacobite]

Raat ko aaram se sone bhi nhi denge yeh banks. Saare hi card disable karke rakhne padenge kya sone se pehle? 🙄

this also doesn't work.. kyon ki doosre ko pura access hai unblock karke use karne ka.. pehle icici, now AU

 

[Jolly Roger]

What's actually the reason behind so much of breaches these days?
As it's not linked to one particular bank
Everyday a new bank is getting attacked

@RAMESH BABU N sir can u share some points on the possible reasons?

This isn't a breach, more likely due to a poorly built app release that was let go without proper QC.

Happening because: https://www.ndtvprofit.com/business/kotak-bank-s-stumbles-show-pitfalls-of-india-s-tech-ambitions

 

[John Since]

Jokes apart...

AU got a policy of verifying both the office n residence addresses - and both mist be in their serviceable towns/cities.

My Company's Registered Office is in Vijayawada - the Capital of AP. AU says it is not serviceable. So, they can't issuea CC.

By then, they (as well as we) knew about the impending merger of Fincare into AU. Fincare have 3 branches in Vijayawada. So, now, AU can give CCs for Vijayawada addresses also.

I'm facing the same issue of rejection due to non-serviceable pincode.
I'm from Warangal and AU says non-serviceable pincode whereas there is a Fincare branch in the city.
I raised a complaint to nodal as well as RBI for making unnecessary cibil enquiry and then rejecting the application due to pincode.
May be in next 6 months, once the integration of Fincare into AU completes, it will start issuing cards to Fincare citied.

 

[Desu Sarath]

This shows that all banks software supplier is same and all are using latest version of it.
ICICI integrated it first and others are Integrating slowly 😂

 

[Jolly Roger]

This shows that all banks software supplier is same and all are using latest version of it.
ICICI integrated it first and others are Integrating slowly 😂

I know you're kidding and we all know there are multiple large banking software players, including the likes or Oracle.

I think what these glitches show is that the software is not at fault, because if given a chance banks would be the first to blame software vendors. I think the hardware infra needed is not good enough, which is why disruptions and failures occur. Especially given the volume of transactions Indian banks now see from UPI, etc. Secondly, app development at many Indian banks seems to be neglected going by this, as they seem to be releasing app updates with bugs that show data from other users, etc. This means app testing and QC is not happening properly.

What that means for security is an altogether more scary story!

 

[RAMESH BABU N]

My take :

Techies are creating/tinkering with the SW - both on the INB and on the Apps - first - without guidance from their Customer-Banks (who have SrVPs/DGMs/GMs who does not know anything about technology) and second - without proper testing by their team (or team from Customer-Banks) who does not know banking. So you have a funny n dangerous situation - developers does not know banking and bankers does not know technology. Result is such half-baked stuff with so many loose ends and dangerous handles hanging in the air. Everyone is running after deadlines. Often, even at the cost of compromising on the basic security features.

The stupid thing is - the others (Customer-banks) are NOT spending any time in learning from the mistakes committed by other Bank (now ICICI). Most of the test-teams are with outdated knowledge or capability. Sorry to say that, but it looks like it is a true fact going by what we have been seeing in the last one year or so. Very regularly, Apps and INB does not work as anticipated - no one knows the reason or the time schedule when it will be back on rails. Even after very regular scheduled maintenance breaks these Banks take (right from biggies like SBI, HDFC, ICICI to smallies like Yes and AU) - their Apps and INB fails most often. Even in our own TF community, we saw advices coming from experts asking for wait-a-couple-of-days for those glitches to vanish. It is sad to see this happen.

 

[Pack_of_Cards]

Hi;

I am able to view credit card details of other users in the AU 0101 app. Including full card number, expiry date, cardholders name and cvv, credit limit, etc.

AU bank cc users please take necessary precautions. I have blocked the unknown users card for his safety and mine

"Banks should be open to customers" iss statement ko jyada hi seriously le liya AU ne😆

 

[TechnoFinoTechnoFino is verified member.]

Hi;

I am able to view credit card details of other users in the AU 0101 app. Including full card number, expiry date, cardholders name and cvv, credit limit, etc.

AU bank cc users please take necessary precautions. I have blocked the unknown users card for his safety and mine

can you please share screenshot?