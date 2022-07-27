Data breaches are becoming increasingly common, especially when it comes to the banking sector in Pakistan. Recently, there have been unconfirmed reports of Standard Chartered Pakistan facing serious security issues due to which its customers have been losing money through transactions they did not carry out on their debit cards.

Several people have taken to Twitter to share their experiences and it appears that quite a few people have fallen victim to this security breach. The average amount that customers have lost falls within the range of Rs 50,000 to Rs 70,000 as a result of multiple transactions that are carried out without requiring an OPT for verification. According to the reports being shared on social media, the transactions are often conducted on the Apple Store and Uber.

This apparently has been a persistent problem for months and Standard Chartered has neither admitted that this is an issue the bank is facing, nor has it attempted to address it in a transparent manner. Such an indifferent attitude to customer welfare and privacy is extremely concerning. The only recourse if one falls victim to this scam is going through a painstakingly long six-month process to get your money back.

This is a matter that should be escalated to the regulatory authorities as it needs to be addressed urgently. Standard Chartered is not the only bank that is plagued by lax controls as there have been reports of serious data breaches in other banks as well in recent times. There have been many instances of scammers emulating the UAN number of banks and calling customers for “verification” purposes. What makes the scam convincing is the fact that the scammers are already in possession of confidential details such as the individual’s bank account number, CNIC, and address.

This is clearly a sector-wide issue and the SBP must audit the security protocols of commercial banks and get to the bottom of why their governance structures are so weak and why data hacks are not being reported to the central bank.