In a first, RBI fines AP co-op bank Rs 65 lakh for lack of cyber security measures
On January 24, 2022, a cyber fraud was reported by AP Mahesh Co-operative Urban Bank Limited, where a sophisticated hacker breached the bank’s systems and illicitly siphoned off Rs 12.48 crore.
By Newsmeter Network Published on 1 July 2023 12:25 PM GMTHyderabad: In a first, the city police’s Cyber Crime Wing’s efforts lead to the Reserve Bank of India (RBI) imposing a penalty of Rs 65 lakh on AP Mahesh Co-operative Urban Bank Ltd, Hyderabad, for blatant non-compliance with the provisions of cyber security framework for primary (urban) cooperative banks. This is the first time ever that such an action has been taken against any bank.
On January 24, 2022, a cyber fraud was reported by AP Mahesh Co-operative Urban Bank Limited, where a sophisticated hacker breached the bank’s systems and illicitly siphoned off Rs 12.48 crore.
The criminal act was carried out through a series of phishing emails that were cleverly disguised and sent to bank employees. Upon opening these malicious emails, the employees’ systems were compromised, providing the fraudsters full access to the bank’s network.
A case was registered at Cyber Crime Police Station, Hyderabad.
This sensational case necessitated a countrywide search for the perpetrators, and after enormous efforts by multiple police teams, several of the accused, including Nigerian nationals, were arrested.
The investigation also revealed the bank’s negligence, evident from its failure to implement cyber security measures, such as anti-phishing applications, intrusion prevention and detection systems, and real-time threat defence and management systems, as mandated by the RBI.
These cyber security components are indispensable for safeguarding the cyber landscape and are found to be conspicuously absent within the bank’s cyber security infrastructure.
CV Anand approaches RBI Governor
Hyderabad city police commissioner CV Anand corresponded with the RBI governor, highlighting the critical lapses and requesting the suspension of the bank’s license to operate. The current legal framework did not allow for criminal negligence charges against the bank management.
The commissioner of police pursued the matter which resulted in the RBI imposing a penalty of Rs 65 lakh on AP Mahesh Co-operative Bank Ltd. The RBI’s thorough cyber audit and the police investigation revealed the bank’s significant lapses which led to the breach.