Fraudulent withdrawals have been reported from 19 banks so far. A few banks have complained that their customers' cards were used fraudulently abroad, mainly in China and the US while the customers were in India.
"We have sent mails to the banks seeking information on the fraudulent withdrawals and other details," an official of the Cyber Crime Cell of Maharashtra Police told PTI.
According to the official, the data security breach came to light two months ago, but none of the banks have approached the Mumbai Police yet.
According to the National Payments Corporation of India, as many as 641 customers across 19 banks have been duped of Rs 1.3 crore using stolen debit card data.
More From This Section
Several banks, including state-owned SBI, have recalled a number of cards, while many others blocked the ones suspected to have been compromised and asked their customers to change PIN (personal identification number) before use.
There are around 60 crore debit cards operational in India, of which 19 crore are indigenously-developed RuPay ones while the rest are Visa- and Master Card-enabled.
Among private sector players, ICICI Bank, HDFC Bank and Yes Bank have asked customers to change their ATM PINs. HDFC Bank also has advised its customers to use its own ATMs for carrying out any transaction.
The suspected security breach happened through a malware in the systems of Hitachi Payments Services, which serves ATM network of Yes Bank and also some white-label ATMs.
The Centre today assured customers that there is no cause for alarm and prompt action will be taken and Finance Minister Arun Jaitley asking RBI and banks to submit a report on the issue.