In a stunning cyber heist, over ₹16 crore was stolen from Nainital Bank’s Noida branch after cybercriminals hacked the bank’s servers and transferred the money to 89 different accounts. The incident occurred between June 16 and June 20, with the thieves gaining access to the bank’s Real Time Gross Settlement (RTGS) system by hacking the login credentials of the branch manager. This breach allowed them to siphon off ₹16.5 crore in just a few days.

Nainital Bank's Noida Branch
Image Source:
LinkedIn

The heist was discovered by the bank’s IT manager, Sumit Kumar Srivastava, during a routine audit on June 17. While reconciling the balance sheet for June, Mr. Srivastava noticed a shortfall of ₹3,60,94,020. Despite multiple attempts to reconcile the accounts, the missing funds could not be accounted for, eventually revealing the full extent of the theft.

According to Mr. Srivastava’s complaint filed at the cyber crime police station, the bank’s servers had been compromised, leading to the unauthorized withdrawals. The cybercriminals exploited the manager's login credentials to access the RTGS system, which is used for high-value transactions, and transferred the funds to various accounts. The theft went unnoticed for several days due to the sophisticated methods employed by the hackers to cover their tracks.

"A case has been registered by the IT manager of the Nainital Bank. He said that about ₹16.5 crore was withdrawn by hacking the manager’s credentials and the bank’s server. This happened between June 16 and June 20. The money was transferred to 89 accounts. A team has been formed to probe the matter," ACP Cyber Crime Vivek Ranjan Rai told NDTV.

The police have launched an investigation to track down the cybercriminals and recover the stolen funds. The case highlights the growing threat of cyber crime in the banking sector and underscores the importance of robust security measures to protect sensitive financial data. Cyber experts emphasize the need for banks to implement advanced security protocols, such as multi-factor authentication, encryption, and regular security audits, to safeguard against such breaches.

The heist has raised concerns among customers and banking officials about the security of digital banking systems. Many are calling for increased investment in cybersecurity infrastructure and training to prevent future incidents. The Reserve Bank of India (RBI) is also expected to review its guidelines and issue new directives to strengthen cybersecurity measures across the banking sector.

In response to the incident, Nainital Bank has assured customers that their individual accounts were not compromised and that the stolen funds were part of the bank’s reserves. The bank is cooperating fully with the investigation and has taken immediate steps to enhance its security protocols to prevent future breaches. Customers have been advised to monitor their accounts for any suspicious activity and report any discrepancies to the bank immediately.

This incident serves as a stark reminder of the vulnerabilities in the digital banking landscape and the need for continuous vigilance and proactive measures to protect against cyber threats. As the investigation continues, it is hoped that the perpetrators will be brought to justice and that the lessons learned from this heist will lead to stronger security practices across the industry.

You might also be interested in - Hackers leak nearly 10 billion passwords in what is considered the biggest cyber security breach