YES BANK
Company Details
Linkedin ID:
yes-bank
Website:
Employees number:
36,851
Number of followers:
1,244,050
NAICS:
52211
Industry Type:
Homepage:
yesbank.in
IP Addresses:
0
Company ID:
YES_2307931
Scan Status:
In-progress
YES BANK Company CyberSecurity Posture
yesbank.in
YES BANK is a leading Indian private sector bank committed to transforming the financial landscape of India. With over 1200 branches nationwide and a dedicated team of YES BANKers, we strive to deliver exceptional banking solutions and empower individuals, businesses and communities to thrive. At YES BANK, we believe in the power of innovation and transparency. Operating in Retail, MSME and Corporate banking sectors, we are a full service bank and offer an extensive range of financial services. We leverage cutting-edge technology & industry insights to meet the evolving needs of our diverse clientele. One in three UPI transactions in the country are processed by YES BANK. Driven by our core values, we aim to build long lasting relationships with our customers and stakeholders. Our robust risk management framework ensures the safety and security of your finances, while our unwavering commitment to sustainability drives us to create a positive impact on society and the environment. We recognize the potential within each person and strive to unlock it through opportunities for growth, learning and innovation. Joining our ranks means joining a vibrant ecosystem of individuals who are passionate about making an impact and shaping the future of banking. Together, let’s create a future where your dreams can flourish and make a lasting impact. Note: YES BANK will NEVER ask you to reveal your User ID or Password. Therefore, never disclose your credentials (User ID, Password, OTP, PIN etc.) to anyone either through mail or over phone. If you receive any mail asking you to update or authenticate your User ID or Password, please DO NOT fall into the trap of putting in your Password or OTP or PIN.
YES BANK A.I CyberSecurity Scoring
YES BANK Risk Score (AI oriented)Between 750 and 799
YES BANK
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
YES BANK Global Score (TPRM)XXXX
YES BANK
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
YES BANK Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
YES BANK
Breach
Rankiteo Explanation
Attack threatening the organization’s existence
Description: Several Indian banks have taken drastic steps in response to a security breach that may have compromised up to 3.25 million debit cards—or 0.5% of the approximately 700 million debit cards that Indian banks have issued. The financial institution is Hitachi Payment Services, a subsidiary of Hitachi Ltd. that oversees ATM network processing for Yes Bank Ltd., according to banking industry insiders. After that, the State Bank of India quickly disabled a few clients' debit cards, and it was currently replacing those cards to stop fraud. The top three private sector lenders, ICICI Bank, HDFC Bank, and Axis Bank, each stated in separate announcements that there may have been card account breaches following usage at non-bank ATMs. Additionally, certain consumers' debit cards are being reissued by Standard Chartered's Indian division.
YES BANK Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for YES BANK
Incidents vs Banking Industry Average (This Year)
No incidents recorded for YES BANK in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for YES BANK in 2025.
Incident Types YES BANK vs Banking Industry Avg (This Year)
No incidents recorded for YES BANK in 2025.
Incident History — YES BANK (X = Date, Y = Severity)
YES BANK cyber incidents detection timeline including parent company and subsidiaries
YES BANK Company Subsidiaries
YES BANK is a leading Indian private sector bank committed to transforming the financial landscape of India. With over 1200 branches nationwide and a dedicated team of YES BANKers, we strive to deliver exceptional banking solutions and empower individuals, businesses and communities to thrive. At YES BANK, we believe in the power of innovation and transparency. Operating in Retail, MSME and Corporate banking sectors, we are a full service bank and offer an extensive range of financial services. We leverage cutting-edge technology & industry insights to meet the evolving needs of our diverse clientele. One in three UPI transactions in the country are processed by YES BANK. Driven by our core values, we aim to build long lasting relationships with our customers and stakeholders. Our robust risk management framework ensures the safety and security of your finances, while our unwavering commitment to sustainability drives us to create a positive impact on society and the environment. We recognize the potential within each person and strive to unlock it through opportunities for growth, learning and innovation. Joining our ranks means joining a vibrant ecosystem of individuals who are passionate about making an impact and shaping the future of banking. Together, let’s create a future where your dreams can flourish and make a lasting impact. Note: YES BANK will NEVER ask you to reveal your User ID or Password. Therefore, never disclose your credentials (User ID, Password, OTP, PIN etc.) to anyone either through mail or over phone. If you receive any mail asking you to update or authenticate your User ID or Password, please DO NOT fall into the trap of putting in your Password or OTP or PIN.
Loading...
YES BANK Similar Companies
PT Bank Danamon Indonesia Tbk
PT Bank Danamon Indonesia Tbk (BEI: BDMN) didirikan pada tahun 1956. Per 31 Desember 2024, Danamon mengelola aset konsolidasian sebesar Rp242 triliun dengan anak perusahannya, Adira Finance. Dalam hal kepemilikan saham, 92,47% saham Danamon dimiliki oleh MUFG, dan 7,53% lainnya dimiliki oleh publik.
Bandhan Bank
Started as a universal bank on August 23, 2015, Bandhan Bank is one of India’s fastest-growing private sector banks. Bandhan Bank has always been committed to financial inclusion and aims to serve the underserved. Guided by the principle of ‘Aapka Bhala, Sabki Bhalai,’ the Bank is dedicated not only
BNP Paribas
BNP Paribas is a leading bank in Europe with an international reach. It has a presence in 64 countries, with more than 178,000 employees, including more than 144,000 in Europe. BNP Paribas holds leading positions in its three major operating divisions: ⚆ Commercial, Personal Banking & Services for
BBVA
At BBVA we are leading the transformation of banking worldwide, united in pursuing our goal of bringing the age of opportunity to everyone. Firmly focused on the future, our on-going digital transformation is already producing disruptive innovations that power our vision of banking. Every one of o
HDFC Bank is India's largest private sector bank, offering a comprehensive range of financial products and services to our customer base of over 92 million. Our extensive distribution network of 8,919 branches and 21,031 ATMs across 3,836 cities and towns as of August 2024, reaches every corner of t
IDBI Bank
Welcome to IDBI Bank's LinkedIn page! We are a leading bank in India, with a rich legacy. At IDBI Bank, we believe in empowering our customers by providing them with a wide range of banking products and services to meet their financial needs. Whether you are an individual, a small business owner,
Akbank
Akbank was founded as a local bank in Adana in January 1948. Established originally with the core objective to provide funding to local cotton producers, the Bank opened its first branch in the Sirkeci district of Istanbul on July 14, 1950. In 1954, after relocating its Head Office to Istanbul, the
Banco Santander (SAN SM, STD US, BNC LN) is a leading commercial bank, founded in 1857 and headquartered in Spain and one of the largest banks in the world by market capitalization. The group’s activities are consolidated into five global businesses: Retail & Commercial Banking, Digital Consumer Ban
Groupe Crédit Agricole
The Crédit Agricole group is the leading partner of the French economy and one of the largest banking groups in Europe. It is the leading retail bank in Europe as well as the first European asset manager, the first bancassurer in Europe and the third European player in project finance. Built on its
.png)
YES BANK CyberSecurity News
November 13, 2025 09:04 AM
Banks move to '.bank.in' domain from '.com': Here's why RBI made the change
All major Indian banks, including the State Bank of India (SBI), ICICI Bank, HDFC Bank and Axis Bank, have moved their official websites...
November 05, 2025 10:30 AM
From IT to Influence: Mashreq Bank’s CISO on Redefining Cybersecurity Leadership
Mashreq CISO Olivier Busolini tells Infosecurity how the modern CISO role must evolve from protection to business enablement.
October 28, 2025 07:00 AM
Money Trail Uncovered in Yes Bank–Reliance Deal: CBI Exposes ₹2,600 Crore Fund Diversion Network
A Central Bureau of Investigation (CBI) probe into financial transactions between Yes Bank and the Anil Ambani-led Reliance Group has...
October 27, 2025 07:00 AM
YES Bank share price target raised; ICICI Sec on SMBC's absence of promoter tag
ICICI Securities said teh return on asset (RoA) for YES Bank has moderated sequentially to 0.6 per cent. CASA growth was healthy at 30 and...
October 17, 2025 07:00 AM
Exclusive: SMBC rules out raising stake in Yes Bank beyond 25%, Yes shares tumble
Japanese lender Sumitomo Mitsui Banking Corporation has no immediate plans to raise its stake in India's Yes Bank beyond 24.99%, a senior...
October 12, 2025 07:00 AM
Banking Central | RBI's digital innovation: Laudable moves but caution is a must
The Reserve Bank of India (RBI) continues its leadership in digital finance with the recent announcement of the Unified Markets Interface...
October 12, 2025 07:00 AM
CBI Investigation Reveals Complex Financial Transactions Between Reliance ADA Group, Yes Bank, and RNMF
CBI alleges that Anil Ambani's Reliance ADA Group, Yes Bank's Rana Kapoor, and Reliance Nippon misused public funds bypassing SEBI rules.
October 06, 2025 07:00 AM
IMC 2025: India’s Tech Powerhouse | 6G, AI, Cybersecurity, Startup Revolution & More
Union Minister Jyotiraditya Scindia highlighted that the upcoming IMC 2025 will feature six major events, showcasing India's significant...
September 19, 2025 07:00 AM
Weekly Global News Wrap: Yes Bank ex-CEO charged; US banks cut rates
Major US lenders lowered a key interest rate on 17 September after the Federal Reserve cut interest rates for the first time this year.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
YES BANK CyberSecurity History Information
Official Website of YES BANK
The official website of YES BANK is http://www.yesbank.in.
YES BANK’s AI-Generated Cybersecurity Score
According to Rankiteo, YES BANK’s AI-generated cybersecurity score is 768, reflecting their Fair security posture.
How many security badges does YES BANK’ have ?
According to Rankiteo, YES BANK currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does YES BANK have SOC 2 Type 1 certification ?
According to Rankiteo, YES BANK is not certified under SOC 2 Type 1.
Does YES BANK have SOC 2 Type 2 certification ?
According to Rankiteo, YES BANK does not hold a SOC 2 Type 2 certification.
Does YES BANK comply with GDPR ?
According to Rankiteo, YES BANK is not listed as GDPR compliant.
Does YES BANK have PCI DSS certification ?
According to Rankiteo, YES BANK does not currently maintain PCI DSS compliance.
Does YES BANK comply with HIPAA ?
According to Rankiteo, YES BANK is not compliant with HIPAA regulations.
Does YES BANK have ISO 27001 certification ?
According to Rankiteo,YES BANK is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of YES BANK
YES BANK operates primarily in the Banking industry.
Number of Employees at YES BANK
YES BANK employs approximately 36,851 people worldwide.
Subsidiaries Owned by YES BANK
YES BANK presently has no subsidiaries across any sectors.
YES BANK’s LinkedIn Followers
YES BANK’s official LinkedIn profile has approximately 1,244,050 followers.
NAICS Classification of YES BANK
YES BANK is classified under the NAICS code 52211, which corresponds to Commercial Banking.
YES BANK’s Presence on Crunchbase
Yes, YES BANK has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/yes-bank.
YES BANK’s Presence on LinkedIn
Yes, YES BANK maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/yes-bank.
Cybersecurity Incidents Involving YES BANK
As of November 27, 2025, Rankiteo reports that YES BANK has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
YES BANK has an estimated 6,716 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at YES BANK ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
How does YES BANK detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with disabled and reissued debit cards..
Incident Details
Can you provide details on each incident ?
Title: Compromise of 3.25 Million Debit Cards in India
Description: Several Indian banks have taken drastic steps in response to a security breach that may have compromised up to 3.25 million debit cards—or 0.5% of the approximately 700 million debit cards that Indian banks have issued. The financial institution is Hitachi Payment Services, a subsidiary of Hitachi Ltd. that oversees ATM network processing for Yes Bank Ltd.
Type: Data Breach
Attack Vector: Non-bank ATMs
Motivation: Fraud
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach YES173751123
Data Compromised: 3.25 million debit cards
Systems Affected: ATM network processing
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Debit card information.
Which entities were affected by each incident ?
Incident : Data Breach YES173751123
Entity Name: State Bank of India
Entity Type: Bank
Industry: Finance
Location: India
Incident : Data Breach YES173751123
Entity Name: ICICI Bank
Entity Type: Bank
Industry: Finance
Location: India
Incident : Data Breach YES173751123
Entity Name: HDFC Bank
Entity Type: Bank
Industry: Finance
Location: India
Incident : Data Breach YES173751123
Entity Name: Axis Bank
Entity Type: Bank
Industry: Finance
Location: India
Incident : Data Breach YES173751123
Entity Name: Standard Chartered
Entity Type: Bank
Industry: Finance
Location: India
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach YES173751123
Containment Measures: Disabled and reissued debit cards
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach YES173751123
Type of Data Compromised: Debit card information
Number of Records Exposed: 3.25 million
Sensitivity of Data: High
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by disabled and reissued debit cards.
Additional Questions
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident was 3.25 million debit cards.
Response to the Incidents
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Disabled and reissued debit cards.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was 3.25 million debit cards.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 3.2M.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=yes-bank' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
