YES BANK Vendor Cyber Rating & Cyber Score

Description: BookMyForex Suffers Major Data Breach, Thousands Defrauded in International Transactions BookMyForex, the foreign exchange platform owned by MakeMyTrip, has experienced a significant data breach, leading to widespread fraud affecting thousands of users. The incident, first reported by affected customers on social media, involved unauthorized transactions in US dollars and Brazilian real, with many users unable to access the platform to lock their forex cards. Victims reported seeing multiple unauthorized transactions, including failed and successful charges, while being locked out of their accounts. One user described funds being drained in real time, while another noted transactions in Brazilian real with no way to contact customer support. In response, BookMyForex acknowledged the issue on X (formerly Twitter), stating that the matter had been escalated to its banking partner, Yes Bank, and assuring users that their funds were secure. Yes Bank is expected to initiate chargeback proceedings for impacted customers. Preliminary investigations suggest cyberattackers gained access to sensitive card details, including numbers, expiry dates, and CVVs, likely through a compromised database or third-party system. The attackers reportedly conducted small test transactions to verify card validity before executing higher-value fraudulent purchases. A notable portion of the fraudulent activity targeted Brazilian real transactions, possibly to exploit weaker KYC controls in international markets and delay detection. The Reserve Bank of India (RBI) had previously proposed compensating customers up to ₹25,000 for digital fraud losses, though the latest banking report shows a decline in the number of fraud cases (5,092 in the first half of FY26 compared to 18,386 a year earlier). However, the total value of frauds surged to ₹21,515 crore from ₹16,569 crore during the same period. Neither BookMyForex nor Yes Bank has provided an official statement on the breach.

Description: Yes Bank Investigates Massive Fraud Involving Unauthorized Overseas Transactions Yes Bank, one of India’s leading financial institutions, is probing a large-scale fraud involving unauthorized transactions on customers’ foreign exchange (forex) cards. The incident has affected approximately 5,000 customers, resulting in collective losses of around $280,000 from illicit overseas transactions. The bank has refuted claims of a data breach but has not yet disclosed the exact cause of the fraud. Meanwhile, BookMyForex, a forex services platform associated with the transactions, has also denied any breach of its systems. The investigation remains ongoing as authorities work to determine how the unauthorized access occurred and whether internal or external vulnerabilities were exploited. The incident underscores growing concerns over financial fraud targeting digital payment systems, particularly in cross-border transactions. No timeline for resolution or further details on affected customers have been released.

Description: Several Indian banks have taken drastic steps in response to a security breach that may have compromised up to 3.25 million debit cards or 0.5% of the approximately 700 million debit cards that Indian banks have issued. The financial institution is Hitachi Payment Services, a subsidiary of Hitachi Ltd. that oversees ATM network processing for Yes Bank Ltd., according to banking industry insiders. After that, the State Bank of India quickly disabled a few clients' debit cards, and it was currently replacing those cards to stop fraud. The top three private sector lenders, ICICI Bank, HDFC Bank, and Axis Bank, each stated in separate announcements that there may have been card account breaches following usage at non-bank ATMs. Additionally, certain consumers' debit cards are being reissued by Standard Chartered's Indian division.