As I have repeatedly warned in this column, corporates, especially those in the finance and technology sectors, who want to find ways for rapid on-boarding of customers, lobbied hard to push the linking of Aadhaar to just about every identity, benefit and even returns on our own income. Successive governments gave in to these corporates and created an ‘expressway’ for using Aadhaar for a host of purposes never mentioned or envisaged initially. People have forgotten that Aadhaar was created primarily to provide an identity (ID) to economically backward people, migrants and nomads who did not have any ID. The creators, in their hurry to launch it, ignored aspects of security, privacy, ease of updation, and issues with biometrics that continue to afflict the Aadhaar ecosystem. Add to this, the problems such as wrong data entry, unreadable biometrics and the need for frequent updation of addresses, especially by younger people who change jobs often, and you realise the many issues with asking for Aadhaar everywhere. The worst sufferers are the poor and less literate. You would see hapless people standing in queues at Aadhaar service centres to pay money and rectify mistakes in their Aadhaar documents. In the process, some of them have their personal details stolen and sold by those who offer the service. Later in this column, I will also tell you what would happen if you install a mobile app shared or downloaded from anywhere other than the official Playstore of Google. Several instances have come to light where such fake gaming or loan apps are found stealing confidential data and emptying users’ bank accounts. Online Financial Fraud Using AePS The over-dependence on a flawed Aadhaar system continues to cause difficulties for people. A few days ago, the national cyber crime reporting portal of the Union ministry of home affairs (MHA) warned about online financial fraud using the Aadhaar-enabled payment system (AePS) without the need for a one-time passcode (OTP). A few months ago, I met a senior citizen who had two bank accounts in the same bank but in different cities. She wanted to close one account and went to the bank branch in that city. However, the branch was too crowded. In the meantime, she considered withdrawing some money from her bank account before closing. But even that counter had several people standing in a long queue. Someone told her that she could withdraw money using the service offered by a banking correspondent sitting outside the branch. She went there, and after much effort, her thumb impression was recorded for Aadhaar authentication, and she received the money. The serious part is that this money was withdrawn from her bank account in another city, not the one she wanted to close. This raises a serious question about why and how the money was withdrawn from an account whose details she never shared with the banking correspondent. One possible explanation is that the money was withdrawn from the account linked with Aadhaar. However, the senior citizen had linked her Aadhaar with both accounts. Yet, money from her account was withdrawn from only one account whose details she never shared with the banking correspondent. This is a flaw in Aadhaar systems which takes into account only the recently linked bank account as valid for transactions. AePS enables a person to withdraw money from their bank account using a local business correspondent anywhere in the country, and this also makes it easy to cheat people. Last year in August, we wrote about how, during the scrutiny of suspicious bank accounts, HDFC Bank Ltd discovered that 33 savings accounts were opened with the photographs of just two individuals, while the name in each account was different. The Bank filed a complaint with the IFSO (Intelligence Fusion and Strategic Operations) unit of Delhi police which busted a gang engaged in creating fake documents, especially Aadhaar cards and opening bank accounts. According to the police, the fraudsters used silicon fingerprints and printouts of the iris scan of the authorised agent to log in to the UIDAI database. “Whenever any illiterate came to them for any Aadhaar updation, Navneet Prajapati captured the biometrics of that person but updated the photograph and address as suitable to him.” The warning issued by the national cybercrime portal also cautions about the misuse of Aadhaar biometrics. It advises Aadhaar-holders to lock their biometrics on the official site of UIDAI or the Aadhaar app. Remember, once your biometrics are locked, you cannot use them again for authentication without unlocking them. This may pose a different kind of issue for Aadhaar holders. So, think twice before enabling or disabling the biometrics of your Aadhaar. A few days ago, the Telangana police suggested that one should disable the biometric link from Aadhaar if the holder has lost money in an AePS fraud. It asked people not to share Aadhaar details with anyone and to be aware of fraudulent transactions carried out using fake biometrics. The main reason for AePS fraud using Aadhaar biometrics is the ease with which fraudsters can create clones of fingerprints. Cloning of fingerprints is very easy; several video tutorials are readily available online and Moneylife Foundation even demonstrated it at a webinar in October 2016! Fake Apps There are hundreds of apps available on Google Playstore. Many Android application package (.apk) files are readily available for download at several unofficial portals. The biggest issue with all of these apps downloaded from unofficial places is they collect all data and information available on the device and send it to the fraudsters hiding in the garb of app developers. In the case of bogus loan apps, if the borrower does not pay the loan on time, the app company badgers the borrowers’ contacts, including sending messages for payment, as well as abusive and defamatory messages and even morphed nude images of the person. They also use social media like WhatsApp to shame borrowers over not repaying a loan. Source: moneylife.in.

Dismissing a complaint, the national consumer disputes redressal commission (NCDRC) ruled that the act of Jawaharlal Nehru Port Trust (JNPT) inviting quotations from banks seeking higher interest rates for its term deposits does not fall under the Consumer Protection Act. In this case, JNPT had also filed a case with the central bureau of investigation (CBI) against Oriental Bank of Commerce (OBC) for transferring Rs180 crore to one Padmavati International. JNPT had deposited the money with OBC as a term deposit in two tranches. In an order, the bench of justice Ram Surat Ram Maurya (presiding member) and Dr Inder Jit Singh (member) says, “…transactions between the complainant (JNPT) and the opposite party (OBC) were business to business transactions with motive to earn profit and for commercial purpose. The complainant falls within the exclusion clause of the definition of ‘consumer’ as defined under the Consumer Protection Act, and the complaint on its behalf is not maintainable.” The bench observed that in 2014, JNPT invited quotations from various banks seeking interest rates for its term deposit of Rs100 crore to Rs120 crore for two years. OBC offered an interest of 9.67% per annum (pa), the highest among other banks. On 12 February 2014, JNPT transferred Rs110 crore as a term deposit with OBC for two years with an interest of 9.67% compounded quarterly. Again on 15 February 2014, JNPT invited quotations from banks for a term deposit of Rs60 crore to Rs70 crore. OBC offered an interest rate of 9.75%pa, which was again the highest compared to other banks. On 17 February 2014, JNPT transferred Rs70 crore to OBC as a term deposit. JNPT sent emails to OBC seeking term deposit receipts (TDRs) for its two deposits of Rs110 crore and Rs70 crore. However, it did not receive the TDRs from OBC for the two deposits. JNPT alleged OBC ‘was making some excuse for not issuing TDRs’. After escalating the complaint with the general manager of OBC, the Trust learned that the amount of its term deposits had been transferred to the current account of Padmavati International. JNPT then filed a complaint in CBI. OBC contended that JNPT’s finance manager B Vasudeva Rao handed over the original letter dated 12 February 2014 to the Trust’s assistant technician Atmaram P Thakur, for creating a TDR of Rs110 crore for one year. “This original letter dated 12 February 2014 is now untraceable anywhere, which shows that misappropriation was done in connivance and active involvement of the employee of the JNPT.” “In spite of the fact that JNPT did not receive TDR of the money transferred on 12 February 2014, it again transferred Rs70 crore on 17 February 2014, further strengthening the connivance of the employees of JNPT. The complainant (JNPT) did not insist for issue of TDRs immediately and is guilty of contributory negligence. Transfer of money in the account of Padmavati International was at the behest of JNPT,” OBC contended. OBC also requested NCDRC to dismiss the complaint as JNPT is not a consumer and the complaint is not maintainable. Referring to NCDRC’s judgement in Synco Textiles Pvt Ltd vs Greaves Colton & Company Ltd, the bench stated the expression ‘for any commercial purpose’ are wide enough to take in all cases, where goods are purchased for being used in any activity directly intended to generate profit. “…the intension of the Parliament must be understood to be to exclude from the scope of the expression ‘consumer’ any person who buys goods for the purposes of their being used in any activity engaged on a large scale for the purposes of making profit. The Parliament wanted to exclude from the scope of the definition not merely persons who obtains goods for resale but also those who purchase goods with a view of using such goods for carrying on any activity on a large scale for the purposes of earning profit,” NCDRC says. In January 2019, the enforcement directorate (ED) attached Rs41.87 crore lying in bank accounts in Hong Kong of some shell companies in connection with the JNPT-OBC fraud case. According to the ED, one Rajesh Bangawala conspired with bank officials and fraudulently transferred Rs180 crore deposited by the JNPT to Padmavati International using forged documents. The agency recovered and returned Rs109 crore to JNPT. (Consumer Case No1564 of 2016 Date: 22 March 2016) Source: moneylife.in

Numerous supplement companies, including Unilever’s Nutrafol, Viviscal, Zenwise and NutraPro, and other hair product companies, such as Vegamour, advertise their products as able to grow hair and prevent hair loss, in violation of FDA and FTC law. The following are some examples: Pursuant to the FDA, claims that a product can stimulate hair growth and prevent, reduce or treat hair loss are drug claims requiring FDA approval, which these companies do not have. In fact, the only products that have been approved by the FDA to increase hair growth and treat hair loss are finasteride (Propecia) and minoxidil (Rogaine). Further, pursuant to the FTC, such hair loss and growth claims must be supported by competent and reliable scientific evidence in the form of “tests, analyses, research, or studies that (1) have been conducted and evaluated in an objective manner by experts in the relevant disease, condition, or function to which the representation relates; and (2) are generally accepted in the profession to yield accurate and reliable results.” What does this mean? Generally, the type of substantiation that experts would require for health benefit claims are randomized, controlled human clinical trials (RCTs). Many wellness companies that make health benefit claims do not have this level of scientific support. Even in cases where companies purport to have clinical trials or studies substantiating their advertising claims, the studies frequently have major flaws that prevent them from properly supporting the claims at issue. Some companies also use positive consumer testimonials in their marketing, but such endorsements do not amount to clinical proof that the products work (and can also present other deceptive marketing issues). What all this means is that consumers presented with hair growth and hair loss prevention ads should exercise caution and be aware that the FDA does not approve supplements for safety or effectiveness. Consumers should also always conduct their own independent research before purchasing such products, as well as consult with their health care provider. In addition, some hair loss companies have also used influencers to promote products on social media without ensuring the influencers properly disclose their material connection to the company or that the promotional posts are ads. This violates FTC law. TINA.org has taken steps to eradicate such deception in the hair growth industry by filing a complaint with the FTC and FDA regarding one company’s numerous violations of law, as well as notifying 25 other hair product companies of the law as it pertains to hair growth and hair loss prevention claims. To learn about those efforts, click here and here. Consumers are also encouraged to submit any questionable hair growth promotions to TINA.org here. Courtesy: TruthInAdvertising.org

The Reserve Bank of India (RBI) will soon put in place a process whereby people will be compensated by credit information companies (CICs) for delayed updation/rectification of credit information reports, said governor Shaktikanta Das. Recently, the CICs were brought under the purview of the Reserve Bank Integrated Ombudsman Scheme (RB-IOS). “It is now proposed to put in place the following measures: (i) a compensation mechanism for delayed updation/rectification of credit information reports; (ii) a provision for SMS/emailAalerts to customers whenever their credit information reports are accessed; (iii) a timeframe for inclusion of data received by CICs from Credit Institutions; and (iv) disclosures on customer complaints received by CICs,” Mr Das said. According to him, the above measures will further enhance consumer protection. Disclaimer: Information, facts or opinions expressed in this news article are presented as sourced from IANS. As a source and news provider, IANS is responsible for accuracy, completeness, suitability and validity of any information in this article.

In a significant ruling, the national consumer disputes redressal commission (NCDRC) says a patient obtaining free services from a government hospital is not a consumer. The bench also appreciated a gesture by the doctor to offer Rs2 lakh to the complainant on humanitarian grounds for the death of a newborn. In an order passed last week, Dr SM Kantikar, presiding member of NCDRC, says, “It is pertinent to note that the community health centre (CHC) hospital is a government hospital providing free services and Dr Kirandeep Kaur was working as a government servant. Therefore, it was a ‘contract of service’ which Dr Kirandeep Kaur was rendering in CHC. Thus, the patient was not a consumer as defined under section 2(1)(d) of the consumer protection act. This view dovetails from the recent decision of the Supreme Court in Nivedita Singh vs Dr Asha Bharti. Therefore, the consumer complaint filed before the district forum is not maintainable.” Even though no negligence was attributable to her, Dr Kirandeep Kaur volunteered to pay Rs2 lakh to Beant Kaur, the complainant, on humanitarian grounds for the death of the newborn. “I appreciate the humanitarian gesture of the petitioner (Dr Kirandeep Kaur) and allow to pay a total of Rs2 lakh to Beant Kaur after deducting the amount, if any, that has already been paid or deposited. This direction, in any case, shall not be construed as a precedent,” NCDRC says. Beant Kaur was pregnant and, during the intervening night of 12 August 2011 and 13 August 2011, went to CHC hospital in Dhanula. Chhinderpal Kaur, the staff nurse at the Hospital, examined the patient and suspected gastritis. Beant Kaur’s labour pain further increased and meconium-stained discharge was noted. As there was no facility for Cesarean delivery (C-section), Dr Kirandeep Kaur referred the patient to the Civil Hospital at Barnala to Dr Jasbir Singh Aulakh. Beant Kaur delivered a baby with meconium which subsequently died. Beant Kaur, being aggrieved by the alleged negligence of Dr Kirandeep Kaur and Chhinderpal Kaur, filed a complaint before the district forum at Barnala, against the Punjab government, the chief medical officer (CMO) Dr Kirandeep Kaur, staff nurse Chhinderpal Kaur and Dr Jasbir Singh Aulakh. Partly allowing the complaint against the Punjab government and Dr Kirandeep Kaur, the district forum directed them to pay Rs2 lakh jointly and severally as compensation to Beant Kaur. Both the Punjab government and Dr Kirandeep Kaur filed an appeal before the state commission. However, the state commission upheld the order passed by the district forum. Dr Kirandeep Kaur then filed a revision petition before NCDRC. After hearing both sides and perusing medical records and documents, Dr Kantikar from NCDRC observed that it was full-term pregnancy. Beant Kaur approached Dr Kirandeep Kaur at midnight on 12th August and 13 August 2011 with acute abdominal pain. On the instructions of Dr Kirandeep Kaur, the staff nurse prescribed antacids, some lab tests were done outside and the patient was kept under observation. The bench says Beant Kaur showed meconium-stained discharge; therefore, emergency caesarian delivery was needed. However, due to the strike of national rural health mission (NRHM) staff nurses at CHC, Dhanaula, the C-section was not performed. Therefore, Dr Kirandeep Kaur referred the patient to Dr Jasbir Singh Aulakh at Civil Hospital in Barnala in the early morning by ambulance. The C-section was performed on 13 August 2011 at 10am. The newborn was engulfed with meconium stain and died after a few hours. “In my view, due to the strike of nurses, Dr Kirandeep Kaur was unable to perform a C-section and took a prompt decision to shift the patient at the civil hospital at Barnala. It was done in the best interest of the patient, which does not constitute medical negligence. It was neither deficiency nor failure of duty of care from Dr Kirandeep Kaur,” NCDRC says in the order. While allowing the revision petition, the bench set aside orders passed by the district forum and state commission. (Revision Petition No1786 of 2017     Date: 3 April 2023) Source: moneylife.in

The government on Wednesday said 18,890 complaints have been received on National Consumer Helpline since 2017 against cab aggregators Ola and Uber. “441 grievances have been received on PG (Public Grievance) portal and 18,890 complaints received on National Consumer Helpline from January 1, 2017 to March 31, 2023 against Ola and Uber,” Minister of State for Food and Consumer Affairs Ashwini Kumar Choubey said in a written reply to Lok Sabha. The Central Consumer Protection Authority (CCPA) has issued notices to Ola and Uber on concerns related with deficiency in service, inadequate consumer grievance redressal mechanism, unreasonable levy of cancellation charge and lack of any information on the algorithm, he added. Source: Business-standard.com

The Delhi High Court (HC) on Wednesday said its interim order staying the guidelines of central consumer protection authority (CCPA), that prohibit hotels and restaurants from levying service charges ‘automatically or by default’ on bills, shall not be shown on the menu cards or display boards in a manner to mislead the consumers that the service charge has been approved by the court. Justice Prathiba M Singh was hearing the petitions filed by Federation of Hotels and Restaurant Associations of India and National Restaurant Association of India challenging the CCPA’s rules released on 4th July past year, which the HC stayed later that month. A co-ordinate bench stayed the guidelines while specifying that the service charge and obligation of the customer to pay it must be “duly and prominently displayed on the menu or other places.” “It is clarified that the interim order shall not be shown in the display board or menu card in a manner to mislead the consumer that the service charge has been approved by this court,” justice Singh said. During the hearing, additional solicitor general Chetan Sharma submitted that various restaurants are ‘misinterpreting the interim order’ by using it to give legitimacy to levy of the service charge. Both Associations were ordered by justice Singh to produce an affidavit stating the proportion of their members who insist on the service charge as a requirement on meal bills. The court further stated that the response must state whether the members would object if the term ‘service charge’ were to be replaced with another term, such as “staff welfare fund, staff welfare contribution, or staff charges”, in order to prevent consumers from assuming that the fee is being levied by the government. “The affidavit shall also indicate the percentage of members who are willing to inform the consumers that the service charge is not mandatory and they can contribute voluntarily.” The judge then listed he matter for the next hearing on 24th July. “For a long time, most of us thought that the service charge is being taken by the government. That is where the problem is because people think service charge is like a service tax. A consumer doesn’t know the difference between service tax, GST etc. because people think it is being taken by the government. I have come across a lot of people who think like that,” the court said. The Centre had earlier argued that the recommendations were released in the best interests of consumers and urged the court to take the matter into consideration, including its plea for the vacation of the stay order. It had further apprised the court that certain restaurants were currently relying on the interim order to create the image that they are permitted to impose service charges. Justice Singh had said that without hearing the parties, the interim order cannot be modified and added that the application for a vacation of stay shall be taken into consideration if the main case cannot be heard on the next date. Counsel appearing for the petitioners had said the service charge, which has been in existence for the last several years, is a ‘traditional charge’ and is distributed among those who ‘are not before the customers’, and restaurants are seeking it after displaying due notice of the same on their menu cards and in their premises. The petitioners had further claimed that the CCPA’s order is arbitrary, untenable and ought to be quashed. Disclaimer: Information, facts or opinions expressed in this news article are presented as sourced from IANS and do not reflect views of Moneylife and hence Moneylife is not responsible or liable for the same. As a source and news provider, IANS is responsible for accuracy, completeness, suitability and validity of any information in this article.

Five cyber criminals have been arrested for procuring the PAN Card details of 95 prominent celebrities, including Bollywood actor Abhishek Bachchan and former captain of the Indian cricket team MS Dhoni, and getting credit cards issued in their names, an official said on Friday. According to officials, the cards were issued from Pune-based fintech startup ‘One Card’. The accused used the details and duped banks of over Rs 50 lakhs Some of the other celebrities whose names and details were used by the fraudsters were Shilpa Shetty, Madhuri Dixit, Emraan Hashmi, Saif Ali Khan, Sachin Tendulkar, Alia Bhatt, Sonam Kapoor, Hritik Roshan, among others. The accused were identified as Puneet, Mohd Asif, Sunil Kumar, Pankaj Mishar and Vishwa Bhaskar Sharma. Joint Commissioner of Police (Eastern Range), Chhayya Sharma said that the accused forged government IDs of 95 celebrities and eminent persons to dupe banks of over Rs 50 lakhs. “The loophole is in documentation and backend verification which needs to be upgraded. All accused have good IT knowledge,” said the top officer. On interrogation, it was revealed that they used to get GST details of these celebrities from Google. “They were very well aware that the first two digits of GSTIN are state code and the next 10 digits are PAN numbers. Since the celebrities’ date of birth is available on Google, these two — PAN and date of birth — complete the PAN details,” said an official privy to investigation. “They got the PAN cards remade fraudulently by putting their own pictures on them so that during video verification, their looks match the photo available on their PAN/Aadhaar card. “The accused used to apply for credit cards and during video verification, they were asked questions related to their financial activities which they answered easily as they had got all such details from CIBIL,” the official added. Disclaimer: Information, facts or opinions expressed in this news article are presented as sourced from IANS. As a source and news provider, IANS is responsible for accuracy, completeness, suitability and validity of any information in this article.

Alarmed by the increase in phishing SMS messages asking ‘customers’ to update their permanent account number (PAN) through a short URL or link, HDFC Bank recently clarified that it never sends messages to its customers through an individual number and always uses SMS headers like HDFCBK or HDFCBN. While SMS link fraud is not new, what is worrying is that many persons who are not even customers of the Bank ostensibly receiving the message and opening links. At Moneylife, we have repeatedly said that opening such links can have serious implications for the user. She may end up sharing personal information, including bank details and lose money to fraudsters. A few months ago, the police arrested some criminals responsible for the ‘pending electricity bill’ fraud. Yet, many mobile phone subscribers continue to receive such fraudulent messages. A retired senior bank official was just about to get duped by these fraudsters when she contacted us to complain about the erratic response from the electricity provider. On further probe, we realised it was an electricity bill fraud and requested the banker to block the numbers immediately. Here are some images of the fraudulent messages sent in the name of banks… What should you do to protect yourself from being duped by these fraudsters? First and foremost, what every mobile subscriber needs to understand is that genuine or authentic SMS messages from banks or service providers usually contain a sender ID (consisting of their short name) instead of the phone number of the sender. So, if you receive any SMS from a number asking you to share or update any of your know-your-customer (KYC) information like sharing photo ID, Aadhaar, PAN and email ID, simply delete the message. Never click on the link in such an SMS. In a few cases, fraudsters have even used SMS headers that appear legitimate. Such SMS headers are registered with and assigned by a mobile operator; so if you receive a fraudulent message with such headers, you can report it to the concerned telecom company and the Telecom Regulatory Authority of India (TRAI). Details of each SMS header are available on the TRAI website. Here is the link https://smsheader.trai.gov.in/ Other than checking the sender’s number or SMS header, you can also be misled by fraudsters using short URLs in the messages. Sometimes, banks use short URLs, but again, unless you have initiated the transaction, do not open the link. Short URLs are basically a mini version of longish URLs. For example, here is the original URL of an article from Moneylife, https://moneylife.in/article/prateek-gupta-the-big-indian-defaulter-behind-a-500-million-international-commodities-fraud/70001.html. Now, if you want to send or share the article on social media like Twitter or through SMS, where there is a limit on word count, you need to shorten this long URL into something that would fit in the word limit. Using a free URL shortener service, this can be shortened to tinyurl.com/ycxe6r8r. Cybercriminals use URL shorteners to reduce the link’s word count and hide the original link. And since the original URL is hidden, people end up opening the link assuming that it, indeed, belongs to their bank or service-provider. In most cases, when you click on the link, malware gets installed on your mobile device (Android), providing access to all information on your device to the criminal gangs. In a few cases, the screen-sharing app may also be installed on the victim’s device. Once the fraudsters have access to your device, they can easily use the information to rob you. Suspicious apps that may get installed on your mobile could contain remote access trojans (RAT) and device-sharing apps like AnyDesk, which help fraudsters access the device and the entire data. Since the RAT and device-sharing apps remain hidden, the user will never know about their existence. RAT and the device-sharing apps show the entire activity of the device to the fraudsters in real-time. They can read all your messages, access the entire gallery and even call recordings. In these cases, the strict rule is never to open any shortened links. In the rarest case, if you want to open the link out of curiosity, visit wheregoes.com or checkshorturl.com. Both websites offer a free tool that tracks the short URL to its destination. Remember, your bank or any registered financial institutution never sends any SMS nor makes any call from a mobile number. All financial institutions are mandated to use specific SMS headers registered with the telecom operator. For example, VM-SBIINB is a registered and authorised SMS header of State Bank of India (SBI). However, the Bank may use other SMS headers while retaining its identity ‘SBI’ in the header like BV-SBIPSG, VM-SBIPSG, BZ-CBSSBI. The typical format and structure of the header with prefixes are as below: XY – ABCDEF, where X denotes telecom service-provider (TSP); Y denotes licence service area (LSA) and ABCDEF is a header assigned to the principal entity or registrant. (Read: Finally, TRAI Shares Names of Telemarketers and Their Codes!) Lastly, your bank has all the KYC details you submitted while opening the account. So, it will not ask you to selectively share or update only PAN details. If needed, your bank will ask you to update your entire KYC details by visiting your home branch.  How Not To Become a Victim • Do NOT click on any link, especially the short URL, shared by anyone via SMS/email. • Do NOT download any app other than from the authorised app stores (Google Play store). • Use a good quality anti-virus (several free apps provide good protection) for protection from viruses, malware, ransomware and remote access. source: moneylife.in.

After reports surfaced that personal information of nearly 6 lakh customers of HDFC Bank was allegedly leaked on the Dark Web, the bank said on Tuesday there has been no data leak of its customers. According to Privacy Affairs website, the HDFC Bank customers’ samples were posted on the hacker forum and “the posted data appears to be genuine”. HDFC Bank Cares Twitter handle on Tuesday posted that “there is no data leak at HDFC Bank and our systems have not been breached or accessed in any unauthorised manner”. “We remain confident of our systems. However we treat the matter of our customers data security with utmost seriousness and we continue to,” said the bank. Data allegedly includes full names, email addresses, physical addresses, and sensitive financial data, the report mentioned. Cyber-criminals allegedly posted the data for sale on a popular hacker forum. The criminals provided data samples while demanding money for the full database. “The criminals explained that the hack was allegedly obtained just recently, in early March 2023, and contains data from May 2022 to March 2023,” said the report. Several Twitter users on March 6 posted about facing outages, failed transfers and even scam messages on the official HDFC Bank mobile app. There has been a surge in spam bank text messages in the recent past. Disclaimer: Information, facts or opinions expressed in this news article are presented as sourced from. As a source and news provider, IANS is responsible for accuracy, completeness, suitability and validity of any information in this article.