Indian Companies At Center Of Global Cyber Heist


DUBAI – Two companies with major operations in India were the weak links that opened the door to a $45 million global cyber heist brought to light by US authorities this week.

EnStage Inc, which operates from Bangalore, and ElectraCard Services, which is based in Pune, processed card payments for the two Middle Eastern banks that were hit in the theft, according to several people familiar with the situation.

US prosecutors said on Thursday that hackers broke into two card processing companies, raising the balances and withdrawal limits on accounts that were then exploited in coordinated ATM withdrawals around the world.

The prosecutors did not name the two companies but said one was based in India and the other in the United States.

According to a US official and a bank employee, who both spoke on condition of anonymity, ElectraCard Services was the company that processed prepaid travel cards for National Bank of Ras Al Khaimah PSC. RAKBANK suffered a $5 million coordinated heist at ATMs around the world on December 21 last year, according to the US indictment.

Ramesh Mengawade, the chief executive of ElectraCard Services and its parent company, Opus Software Solutions, could not be reached through his assistant or by email on Saturday. Calls to the mobile phone of another company official were not answered.

EnStage, which is incorporated in Cupertino, California, is the company that processed card payments for Bank of Muscat of Oman, according to a source close to Bank of Muscat. Bank of Muscat lost $40 million in a coordinated heist on February 19, according to Thursday’s indictment.

Officials at enStage could not be reached on Saturday, either in Bangalore or in Cupertino. In a statement in the Times of India, Chief Executive Govind Setlur said the company has implemented security enhancements and monitoring since the theft.

“Our customers were adversely affected by this sophisticated crime,” Setlur said in the statement. “We are deeply committed to information security, and we will continue to take all reasonable measures to ensure our networks are secured from criminal actors.”