Small Indian banks back online after ransomware attack, payments authority says

MUMBAI (Reuters) - Nearly 300 small Indian banks which were forced to go offline a day earlier due to a ransomware attack were back online on Thursday, the National Payments Corporation of India, an authority that oversees payments systems, said.

The attack had affected C-Edge Technologies, a technology service provider to the banks. India has about 1,500 cooperative and rural regional banks, which largely serve customers in hinterland areas, one-fifth of which were affected by the attack.

The NPCI had temporarily isolated these banks from accessing the country's retail payments system to prevent the spread of the attack, Reuters had reported on Wednesday.

A security review by a forensic audit firm has confirmed that the attack did not spread to the systems of the lenders and was limited to C-Edge's systems, the NPCI said.

The impacted banks will now be able to resume payments via the United Payments Interface and other payment systems operated by the NPCI.

The attack had affected Brontoo Technology Solutions, a key collaborator of C-Edge Technologies, and was carried out by a ransomware group called RansomEXX, according to a report by cyber-security firm CloudSEK released on Thursday.

(Reporting by Jaspreet Kalra; Editing by Mrigank Dhaniwala)