The Reserve Bank of India has no system of alerting or informing customers whose personal data has been compromised in financial cybersecurity incidents like a data breach, RTI documents obtained by Entrackr revealed.
“As the regulator responsible to keep financial transactions safe, RBI is duty bound to explain the nature of data breaches in digital payment firms and educate people about various social engineering attacks they might face because of these breaches,” Kodali told Entrackr.
Under the upcoming Personal Data Protection Bill, which remains delayed thus far, companies who face a data breach will have to notify it to a Data Protection Authority, which will finally decide whether or not the breach should be notified to customers.
[Via]
