The Mumbai-based central securities depository Central Depository Services Limited (CDSL) recently announced that its systems have suffered from a malware attack. In a filing with the Indian National Stock Exchange, CDSL said that the malware they detected had affected a few of its internal machines.
As the second-largest securities depository in India after the National Depository Services Limited (NDSL), CDSL holds its clients’ securities and their transactions and has facilitated stock exchanges’ trade settlements since its foundation in 1999.
The securities depository’s filing stated that the company immediately isolated the affected internal machines as a preventive measure and disconnected them from other capital market constituents. The company’s security team is continually investigating the incident and said no confidential data had been compromised.
After being down for a few days, the CDSL website returns to normal operations.
However, the Indian securities depository company had not disclosed further details about the malware that struck them.
A media representative shared that CDSL had declined to provide information to queries about the cyberattack incident. The securities depository company ensured that their team was working hard toward resolving the incident.
In a press release published last November 14, the Indian securities depository company said that they intend to maintain and serve about 75 million trader accounts of investors across India. Some of the firm’s significant shareholders include the Bombay Stock Exchange and Standard Chartered Bank.
CDSL also mentioned in the filing that its security team has reached out to relevant authorities that could assist them in mitigating the incident, alongside cybersecurity advisors that can help analyse the cyberattack’s impact.
While the incident resolution is in progress, the company said that funds payout and securities would be temporarily delayed as a cause of the affected clearing and settlement processes.
In November last year, CDSL’s subsidiary “CDSL Ventures” also experienced a cybersecurity issue involving the alleged exposure of over 43.9 million Indian investors’ sensitive personal and financial information. The exposure resulted from containing the people’s data in unsecured storage.