Feb 28, 2020

Sampath Bank ATMs, unsafe - ITSSL Featured

The Information Technology Society of Sri Lanka (ITSSL) all Sampath Bank ATMs across the country contain a security flaw which enables cash and data thefts of customers.In a statement, Chairman of the ITSSL - Rajeev Yasiru Kuruwitage Mathew says that although they attempted to inform the bank's Chief Technical Officer on several occasions, their attempts were in vain due to the company's negligent attitude towards the issue.

In a backdrop where concerns on the technical flaws of Sampath Bank ATMs are being raised even in social media, it is regrettable that the bank is not giving ample attention to the matter, the statement adds.

The ITSSL points out that the technical flaw makes it possible to steal data of any credit or debit card inserted to a Sampath Bank ATM and that it is also possible to add 'malicious commands' to the machine.

They add that the machines are still running on the outdated OS version - WIndows 7.

Since the company is not taking measures to rectify the flaw, the ITSSL urges Sampath Bank account holders to be more cautious when using the bank's ATM machines.

A post that appeared on social media on this regard as well as the ITSSL statement are as follows :
Security Vulnerabilities Sampath FB

Security Vulnerabilities Sampath Letter