One of the largest depositories in India, Central Depository Services (CDSL), said that it has detected malware in some of its computers. According to the filing with India’s National Stock Exchange, the securities depository said that the company immediately isolated the machines and disconnected itself from other capital market constituents due to the cyber attack on CDSL. “The CDSL team has reported the incident to the relevant authorities and is working with its cybersecurity advisers to analyze the impact. Resolution of the incident is in process, subsequent to which settlement activities would be completed,” CDSL said in a notice.
Cyber Attack on CDSL: Users’ Data was not Compromised
According to initial findings, the company said, there is no reason to believe that any confidential information or investor data has been compromised. CDSL is counted as one of the largest depositories in India that claim to maintain and service nearly 75 million trader accounts. At the end of August, CDSL operated around 71.6 million Demat accounts with assets under custody of Rs 38.5 trillion.
In October 2021, a vulnerability at CDSL Ventures Limited exposed the personal and financial data of over 43 million investors; that took around seven days to fix the bug, which could have been resolved immediately, according to the Cyber security consultancy startup, CyberX9.
Sebi Working to Mitigate Cyberattacks
The Securities and Exchange Board of India (Sebi) is working on a system to mitigate the risk of cyber attacks on stock exchanges. The chairperson Madhabi Puri Buch said in a statement, “We are all worried about cyber security. We ensure that all our exchanges have a good disaster recovery plan in place. But nothing accounts for software breakdown.” Revealing the plan, she added; “If exchange A were to go down and if Sebi determines this is on account of a cyber attack and it is not going to be possible for the exchange’s disaster recovery site to come up on time, Sebi will press the button for that data to be uploaded on exchange B’s systems so that every participant in the market will be able to participate as if it was operating on exchange A.”