The Reserve Bank of India (RBI) has asked banks to ensure customers’ debit and credit card information is safe and investigate reports that say data of 1.3 million accounts were available online, a warning is seen by Reuters noted. Banks should defend the customers’ data by doing a preliminary analysis of the leaked card data online, the RBI notice said, and cited an article by tech news site ZDNet on Tuesday.

Three industry sources approved to Reuters the notice had been sent to Indian banks. The RBI did not instantly respond to a request for comment.
“On finding leaked data to be correct and genuine, disable and re-issue the credit and debit cards as per the bank’s policy,” said the notice dated Oct. 29.

“The database contains only credit and debit card Track2 dumps while its name suggests that it holds both Track 1 and Track 2 records,” Garkel said after he reviewed various sources of information that have emerged since the data leak. “Track 2 dumps can be used to produce cloned cards for further cashing out. About 18 percent of the records come from one particular Indian bank.”