CDSL Detects Malware In Its Internal Systems, Says Investors’ Data Safe

CDSL admitted that its internal network was compromised by malware. However investors’ data are still safe in the CDSL network.

The largest central securities depository in India, Central Depository Services Limited, or CDSL, claims that malware has infected its systems.

The securities depository CDSL said on Friday that it had discovered malware affecting “a number of its internal machines” in a filing with India’s National Stock Exchange.

As a matter of extreme care, the company immediately removed itself from other participants in the capital market and isolated the equipment, according to the document.

According to CSDL, it is still looking into the event and has “no reason to think that any sensitive data or the investor data has been exposed” as a result.

CDSL has not yet made the precise specifications of the malware public. The company’s website wasn’t operational at the time of writing. If the two are connected, the corporation declined to say so.

An agency representative, Banali Banerjee, stated that CDSL refuses to respond to our additional inquiries, including whether the business keeps logs that would enable it to ascertain what, if any, data was exfiltrated from its networks. The representative stated that “resolutions” were being sought.

According to Mumbai-based CDSL, there are over 75 million trader accounts, also known as demat accounts, held by investors throughout the nation. 

Among the company’s main shareholders are the Bombay Stock Exchange, Standard Chartered Bank, and Life Insurance Corporation.

After the National Depository Services Limited, the nation’s first and oldest securities depository, CDSL was founded in 1999 and is the first publicly listed securities depository in India. 

The CDSL simplifies trade settlement on stock exchanges and permits the keeping of securities and associated transactions in electronic form.

The company stated in its stock exchange filing that “The CDSL team has reported the event to the appropriate authorities and is engaging with its cyber security advisers to investigate the implications.”

The depository stated in a filing with the National Stock Exchange on Friday that it “immediately isolated the computers and withdrew itself from other constituents of the capital market as a matter of abundant caution.” According to the filing, CDSL discovered malware on a couple of its internal computers.