Ransomware attack shuts down hundreds of banks, disrupts UPI payments: Here’s what went wrong

A significant ransomware assault on C-Edge Technologies, a key tech service provider for small banks in India, has led to a temporary halt in payment systems across nearly 300 local banks, as reported by Reuters.

The National Payments Corporation of India (NPCI) announced via its X handle that C-Edge Technologies, which primarily supports cooperative and regional rural banks, has been targeted by a ransomware attack. To mitigate further risks to the payment infrastructure, NPCI has temporarily cut off C-Edge Technologies from its retail payment networks. As a result, customers of banks relying on C-Edge’s services are currently unable to access payment systems.

NPCI stated, “We have isolated C-Edge Technologies from our retail payment systems to safeguard the broader payment ecosystem. Restoration efforts are in full swing, and a comprehensive security review is underway. We are working diligently to restore connectivity for the impacted banks as soon as possible.”

The Reserve Bank of India (RBI), which regulates banking and payment systems, has yet to comment on the incident. Similarly, C-Edge Technologies has not responded to requests for information.

The NPCI's advisory stated that this measure is aimed at containing the attack's spread. The disruption affects only a small fraction—approximately 0.5%—of the country’s payment volumes, mainly impacting banks operating in rural and semi-urban areas.

The RBI and Indian cyber authorities had recently alerted financial institutions about potential cyber threats, underscoring the seriousness of this incident. Meanwhile, NPCI is conducting a thorough audit to ensure the breach does not have further repercussions.

As the situation develops, both banks and customers are advised to stay informed and vigilant regarding any updates from the authorities.

(With inputs from Reuters)