Meezan Bank has addressed concerns over unauthorized debit card transactions, compensating at least ten affected customers following reports of potential third-party data breaches. The bank clarified that its systems remain secure, attributing the incidents to customers sharing sensitive information on websites or apps that bypass OTP verification, making their data vulnerable to exploitation.
A Meezan Bank user posted on Facebook, “Yesterday at 7:25 PM, I discovered multiple unauthorized transactions on my Meezan Bank debit card. I want to clarify that I have never used my card on Facebook or any other online platform, which makes this incident particularly alarming. I have already filed a fraud complaint with the bank and am currently awaiting their response.”
Multiple similar complaints have surfaced online, with users reporting unauthorized transactions, including those in Malaysian currency, many of which were linked to online platforms. Meezan Bank has reported receiving fewer than ten complaints over the past week, assuring that all impacted customers have been reimbursed according to the bank’s established protocols for incidents involving insecure external platforms.
The recent incident highlights the growing alarm over cybercrime in Pakistan, leading the government to suggest changes to the Prevention of Electronic Crimes Act (PECA) 2016. The proposed modifications seek to fill the existing voids in legislation related to digital deception and information security violations.
However, experts have raised concerns about the government’s inconsistent approach to tackling cybercrimes, particularly following the recent diminishment of the Federal Investigation Agency’s (FIA) cybercrime division and the ambiguous prospects for the newly formed National Cyber Crime & Investigation Authority (NCCIA).
Despite this, Meezan Bank, recently named the Best Bank of 2024, reassured customers of its commitment to maintaining secure banking systems. This incident, however, highlights the vulnerabilities inherent in third-party platforms and the increasing need for stronger cybersecurity measures to safeguard consumer data.
