The crime was carried out through a series of cleverly disguised phishing emails sent to bank employees
Published Date – Saturday, July 23 at 07:05pm
Hyderabad: First, efforts by the city police cybercrime unit led the Reserve Bank of India (RBI) to fine Hyderabad’s AP Mahesh Co-operative Urban Bank for “blatant non-compliance with cybersecurity” framework for junior (urban) cooperative banks.
On January 24 last year, AP Mahesh Co-operative Urban Bank Limited reported an incident of cyber fraud in which a hacker broke into the bank’s system and illegally stole Rs 1,248 crore.
The crime was carried out via a series of cleverly disguised phishing emails sent to bank employees. Once these malicious emails were opened, employees’ systems were compromised, giving fraudsters full access to the bank’s network.
After the Hyderabad police opened the case, a nationwide effort led to the arrest of several people, including Nigerians suspected of being involved in the scam.
A news release from the city police on Saturday said the investigation also revealed “negligence by the bank, as evidenced by its failure to implement cybersecurity measures such as anti-phishing applications, intrusion prevention and detection systems, and real-time threat “Defense and Regulatory System, mandated by Reserve Bank of India.
Hyderabad police chief CV Anand wrote to the RBI, highlighting the bank’s serious failures and asking for the suspension of the bank’s operating license.
While the current legal framework does not allow for criminal negligence charges against the bank’s management, the city police pursued the matter, which resulted in a Rs 6.5 lakh fine imposed by the RBI.
“RBI’s thorough cyber audit and police investigation revealed major failures by the bank which led to the breach. This is the first time such action has ever been taken against any bank. All banks should adhere to cybersecurity practices to avoid loss of public funds and critical data,” Anand said.
