Shimla: A major cyber fraud has hit the Himachal Pradesh State Cooperative Bank, where hackers accessed the mobile banking application ‘Him Paisa’ and transferred ₹11.55 crore to 20 different accounts. The cyber attack took place on May 11 and 12 — both banking holidays — and remained undetected until May 14, when a transaction report from the Reserve Bank of India (RBI) flagged the unusual activity.
According to the complaint filed by the bank’s Chief Information Security Officer (CISO), the fraudsters first hacked the mobile phone of a customer from the Hatli branch in Chamba district. Using this access, they entered the Him Paisa app and carried out unauthorised RTGS and NEFT transactions.
The fraud was discovered after the RBI’s report arrived on May 14. Due to the holiday on May 13, the daily transaction alert that usually helps detect such activity did not come, allowing the fraud to go unnoticed for over two days. Once the breach was confirmed, the bank filed a complaint at the Sadar Police Station in Shimla. A Zero FIR was registered, and the case was transferred to the Cyber Crime Police Station under the State CID.
DIG Cyber Crime Mohit Chawla confirmed that a detailed investigation has been initiated. CERT-In, the national cybersecurity agency, has also been informed. A team from CERT-In is scheduled to reach Shimla on Saturday to visit the bank’s data center and examine how the breach occurred through the Him Paisa app.
The bank has stated that the ₹11.55 crore transferred to the 20 accounts has been put on hold. The bank also informed that it has cyber insurance to safeguard against such losses, and steps are being taken to upgrade the bank’s systems to Finacle-10 — an advanced software used by major banks in the country, to prevent future cyber threats.
This incident has highlighted serious concerns about cybersecurity in cooperative banking institutions, especially during holidays when real-time monitoring is limited. The investigation is ongoing to determine how the attackers breached the app and whether internal systems were compromised.
