A bug in ICICI’s iMobile Pay app exposed the credit card details of 17,000 new customers, sending them to the wrong users.

The bank said it has blocked the affected cards and is issuing replacements.

On the finance-related forum Technofino, several users reported seeing sensitive data such as the full card number, expiry date, and CVV of unknown customers’ credit cards of some users suddenly on their iMobile Pay app.

ICICI Bank spokesperson said that it came to their notice that “about 17,000 new credit cards which were issued in the past few days were erroneously mapped in our digital channels to wrong users”.

Buy Me A Coffee

“No instance of misuse of a card from this set has been reported to us. However, we assure that the Bank will appropriately compensate a customer in case of any financial loss,” the spokesperson added.

According to the bank, the number of impacted credit cards constituted “about 0.1 percent of the bank’s credit card portfolio”.

“As an immediate measure, we have blocked these cards and are issuing new ones to the customers. We regret the inconvenience caused,” said the ICICI Bank spokesperson.

The iMobile Pay app, launched in 2008, has more than 28 million users.

Understanding Spear Phishing: The Personalized Cyber Threat