Cyber Threat Actor: Nirav Modi
| Actor Type | Location | Known Incidents |
Criminal
|
India
|
1 incident |
|---|
Profile
Nirav Modi is the alias used to refer to the threat actor associated with the 2018 Punjab National Bank data breach, and the actor is known to be based in India. No additional aliases or geographic details are provided in the source material. The actor’s known activity is limited to the single incident described, and no further operational history is publicly documented in the context supplied.
On February 22 2018, a cybersecurity incident at Punjab National Bank resulted in the compromise of approximately ten thousand credit and debit card accounts. The breach exposed sensitive payment card information, including cardholder names, expiration dates, personal identification numbers, and CVV codes. According to the reported summary, the compromised data remained accessible on a dark web platform for at least three months, although there was no confirmed evidence of actual misuse at the time of reporting. The incident occurred while the bank was already dealing with unrelated internal fraud investigations, which added to the institution’s operational challenges. The exposure of comprehensive card credentials created a heightened risk of financial fraud and identity theft for the affected customers, as noted in the source description.
Given the information available, the actor’s targeting appears to be focused on the financial sector within India, with the apparent objective of obtaining payment card data that could be used for illicit financial gain. No details regarding malware families, initial access vectors, specific tools, or broader tooling style are mentioned in the provided sources, so those aspects cannot be described. Likewise, no public attribution to a state sponsor, criminal consortium, or other affiliations is evident from the material. The Punjab National Bank breach stands as the sole publicly reported operation linked to this alias, and no additional campaigns or activities are cited in the context. Consequently, the profile is confined to the confirmed facts outlined above, without extrapolation beyond the supplied information.
