SHIMLA, June 12 — In a major breakthrough, Himachal Pradesh police arrested four individuals from different parts of the country — including Mumbai, Delhi, Rajasthan, and Uttar Pradesh — for allegedly defrauding the Himachal Pradesh State Co-Operative Bank of ₹11.55 crore through a sophisticated cyber heist.
Confirming the arrests, Deputy Inspector General (DIG), State Cyber Crime, Mohit Chawla said that an intensive investigation is underway. “We are currently interrogating two suspects who are providing crucial leads. The bank accounts of the accused have been frozen,” Chawla said.
The fraud was executed on May 11 when cybercriminals hacked into the bank’s Himpesa mobile banking application and compromised the account of a customer at the Halti branch in Chamba district. The hackers carried out unauthorized NEFT and RTGS transactions, siphoning funds and dispersing them across 20 different bank accounts.
Though the fraudulent transactions occurred on May 11 and 12, the scam only came to light on May 14 when the bank received a transaction summary from the Reserve Bank of India (RBI). Bank authorities promptly alerted law enforcement, and the case was handed over to the state’s cyber cell.
A technical team from the Indian Computer Emergency Response Team (CERT-In), New Delhi, was called in to assist with the probe. The team played a pivotal role in uncovering how the Himpesa application was breached.
Following leads generated through digital forensics, the police traced the culprits to multiple cities and executed a coordinated arrest operation. All accused were subsequently brought to Himachal Pradesh for further legal proceedings.
Bank officials, meanwhile, reassured customers that their funds were secure and confirmed that all suspicious transactions had been put on hold. “We acted immediately to safeguard customer interests,” a senior bank officer said.
The case marks one of the largest cyber frauds in the state’s banking sector, highlighting vulnerabilities in mobile banking systems and prompting calls for tighter cybersecurity frameworks.
