By Ashwani Mishra, Editor-Technology, 63SATS Cybertech
Cybercriminals allegedly siphoned off a staggering ₹11.55 crore from the Himachal Pradesh State Cooperative Bank by hacking its server — not from outside firewalls, but through a customer’s mobile phone.
The audacious breach took place over the weekend of May 11-12, when most of the country was preoccupied with holiday travel or election news. But for one cooperative bank in the hills of Himachal Pradesh, it was the beginning of a nightmare.
According to reports, fraudsters exploited a vulnerability in the HimPaisa mobile app — a platform used by customers for internet and mobile banking — by compromising the mobile phone of a customer from the Hatli branch in Chamba district.
What began as a targeted compromise of a single customer spiralled into one of the most sophisticated digital heists in recent times.
Cracking the Core
Once inside the system, the hackers allegedly gained unauthorized access to the bank’s core server and triggered a series of unauthorized transactions. Using NEFT and RTGS payment channels, they managed to funnel ₹11.55 crore into 20 different accounts, a move that suggests meticulous pre-planning and knowledge of interbank transfer systems.
What makes this breach more concerning is not just the amount siphoned off, but the delay in detection.
Since May 13 was a holiday, the anomaly went unnoticed until May 14, when the Reserve Bank of India’s daily transaction report flagged the suspicious activity.
When Cybersecurity Fails
The bank’s Chief Information Security Officer quickly filed a Zero FIR at Shimla’s Sadar police station, triggering an official investigation. The case has now been handed over to the state’s Cyber Police Station, as experts are called in to dissect how a customer’s app could become the key to breaching a financial institution’s backend.
While some reports suggest the breach occurred via the HimPaisa mobile app, bank Managing Director Sharwan Manta insisted that the attackers primarily targeted the internet banking platform.
A single compromised device, if not properly sandboxed, can act as a backdoor into enterprise networks. And for cooperative banks, which often operate with leaner IT infrastructure than large private banks, the risk is exponentially higher.
Industry experts suggest that while security protocols exist, many regional banks lack real-time anomaly detection systems or automated kill switches for large-volume transfers, which might have stopped this heist in its tracks.
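To make the idea of an automated kill switch concrete, here is an added sketch (not code from the bank, its vendors or the original article) that holds outbound NEFT/RTGS instructions when one source account moves too much money, or pays too many first-seen beneficiaries, within a rolling window, with a tighter limit on weekends and holidays. Every threshold, account label, date and the `TransferKillSwitch` class itself are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import date, datetime, timedelta

# All limits below are assumed for illustration, not taken from any bank or regulator.
WINDOW = timedelta(hours=1)        # rolling window per source account
MAX_AMOUNT = 50_00_000             # rupees per window during business days
MAX_NEW_PAYEES = 3                 # first-seen beneficiaries per window
OFF_HOURS_FACTOR = 0.2             # amount limit shrinks on weekends/holidays
HOLIDAYS = {date(2030, 1, 8)}      # constructed holiday calendar

class TransferKillSwitch:
    def __init__(self, known_payees=None):
        self.recent = defaultdict(deque)   # source -> (time, amount, is_new_payee)
        self.known = defaultdict(set, known_payees or {})
        self.frozen = set()                # sources held for manual review

    def check(self, ts, source, payee, amount):
        """Return 'ALLOW' or 'HOLD' for one outbound NEFT/RTGS instruction."""
        if source in self.frozen:
            return "HOLD"
        q = self.recent[source]
        while q and ts - q[0][0] > WINDOW:  # drop entries older than the window
            q.popleft()
        is_new = payee not in self.known[source]
        off_hours = ts.weekday() >= 5 or ts.date() in HOLIDAYS
        limit = MAX_AMOUNT * (OFF_HOURS_FACTOR if off_hours else 1)
        total = sum(a for _, a, _ in q) + amount
        new_payees = sum(n for _, _, n in q) + is_new
        if total > limit or new_payees > MAX_NEW_PAYEES:
            self.frozen.add(source)         # stays frozen until a human clears it
            return "HOLD"
        q.append((ts, amount, is_new))
        self.known[source].add(payee)
        return "ALLOW"

def replay(events, known_payees=None):
    """Run (ts, source, payee, amount) tuples through a fresh kill switch."""
    ks = TransferKillSwitch(known_payees)
    return [ks.check(*e) for e in events]

# Constructed sample: one account fanning out to six new payees on a Saturday night.
START = datetime(2030, 1, 5, 23, 0)
BURST = [(START + timedelta(minutes=2 * i), "SRC-001", f"PAYEE-{i:02d}", 4_00_000)
         for i in range(6)]

if __name__ == "__main__":
    print(replay(BURST))
```

On the constructed Saturday burst the third transfer crosses the reduced off-hours limit, so the account is frozen and the remaining instructions wait for review instead of settling before the next working day.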
What Lies Ahead
The incident has sent shockwaves through India’s cooperative banking sector, raising urgent questions about endpoint security, user device integrity, and institutional response protocols. A forensic investigation is now underway, with all 20 accounts under scrutiny for possible mules or money laundering links.
The weakest link isn’t the server — it’s the device in your hand.
As the probe deepens and recovery efforts begin, one thing is clear — the attackers didn’t just steal money; they exposed a critical gap in India’s digital banking armor.