The Himachal Pradesh State Cooperative Bank has fallen victim to a ₹11.55 crore cyber fraud after attackers compromised the bank's server through a customer's mobile banking application. The incident, which occurred at the Halti branch in Chamba district, marks one of the most severe digital heists in the state's recent history.

According to preliminary reports, the fraud took place over May 11 and 12, 2025, but came to light only on May 14, due to a bank holiday on May 13 which delayed receipt of the daily transaction report from the Reserve Bank of India (RBI). It was only after reviewing the RBI report that bank officials discovered the massive unauthorised withdrawals and filed a complaint.

Cybercriminals reportedly hacked the mobile banking app of an unsuspecting customer and used it as an entry point to infiltrate the bank's core server systems. Once inside, they swiftly executed multiple high-value transactions, dispersing the ₹11.55 crore across 20 different bank accounts, raising serious concerns about multi-layered coordination and account mule networks.

The compromised amount has since been put on hold, and authorities are working to trace and recover the transferred funds before further dispersion. The bank has reassured its customers that their deposits are secure and that no systemic compromise of customer data has been detected so far.

DIG (Cybercrime) Mohit Chawla confirmed the breach and said that the case was initially registered at Sadar Police Station in Shimla, but has since been transferred to the Cyber Police Station for specialized investigation.

In response to the breach, the Indian Computer Emergency Response Team (CERT-In) has dispatched a technical team from Delhi to Shimla to support the investigation. CERT-In is expected to conduct an in-depth forensic audit, including examining server logs, IP traces, mobile app vulnerabilities, and unauthorized backend access.

DIG Mohit Chawla said, "A detailed probe is underway. CERT-In experts and Himachal's cyber commandos will collaborate to identify vulnerabilities and track the origin of the hack." The investigative agencies are also examining whether any international threat actor groups or malware strains were involved in the coordinated breach.

Authorities have called for tighter mobile banking security protocols, including multi-factor authentication, application behavior monitoring, and real-time fraud detection systems to prevent future incidents of this scale.

This cyberattack highlights the increasing sophistication of financial cybercrime, particularly against state-run and regional banks that may lack robust digital defenses. As mobile banking adoption grows in India's hinterlands, so does the need for rigorous cybersecurity training, customer awareness, and technology upgrades.

The incident has prompted regional banks and co-operative financial institutions to reassess their digital infrastructure and engage with cybersecurity experts to fortify endpoints and protect mobile applications against similar exploits.