API-Driven Cyber Attack Drains ₹1.39 Crore from Hyderabad Software Firm

₹1.39 Crore Vanishes: Hyderabad Tech Firm Hit by Sophisticated Server Breach

Swagta Nath

Hyderabad’s Hitec City, a hub of India’s tech industry, witnessed a major cybercrime this month when a local software firm reported losing ₹1.39 crore to hackers. The company, which develops fintech applications handling bill payments, rentals, and education-related transactions, discovered the breach during an internal audit on September 15, 2025.

Auditors found that multiple suspicious debits had been carried out, amounting to ₹1,39,95,215, triggering alarm across the firm’s operations and partner networks.

Hackers Exploited API Access for Fraudulent Transfers

Preliminary technical investigations revealed that the cybercriminals had not directly tampered with the firm’s customer database. Instead, they penetrated the server infrastructure and manipulated it to send Application Programming Interface (API) requests to partner banks.


These fraudulent API calls imitated legitimate fund transfer requests, diverting money to several external accounts. Investigators also found that hackers had managed to whitelist certain IP addresses, making the transactions appear valid within the banking system. This tactic significantly complicated detection.

Complaint Filed; Police Begin Cybercrime Probe

Following the discovery, the firm’s CEO lodged a complaint with the Cyberabad Cybercrime Police Station. A case has been registered, and digital forensic experts are examining the attack trail. Authorities are now tracking beneficiary accounts to identify the end recipients of the stolen funds.

Officials stressed that although the company’s core data repository remained uncompromised, the server-side exploitation demonstrated how even secure systems could be undermined when infrastructure vulnerabilities are targeted.

A Wake-Up Call for Fintech Security

Experts say the incident underlines the growing trend of API-driven attacks in the fintech ecosystem. As financial services increasingly depend on real-time integrations with banks, malicious actors are exploiting gaps in server security, weak authentication, and whitelisted access.

Cybersecurity professionals advise firms to:

  • Monitor server activity with advanced anomaly detection systems.
  • Conduct continuous penetration testing and red-team exercises.
  • Limit and frequently review IP whitelisting practices.
  • Implement multi-layered authentication for API transactions.
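The whitelist-review and monitoring advice above can be combined into one check, shown here as an added example that is not part of the original report: correlate allowlist change records with outbound transfer requests and flag requests that rely on recent or unticketed entries. The record layouts, the 72-hour review window, the ticket field and every sample record are constructed assumptions.

```python
from datetime import datetime, timedelta

REVIEW_WINDOW = timedelta(hours=72)  # assumed policy: new allowlist entries stay under review for 72h

# Constructed sample records (not from the incident); IPs are RFC 5737 documentation addresses.
ALLOWLIST_AUDIT = [
    # (timestamp, action, ip, change ticket or None)
    ("2025-01-02T09:00:00", "add", "192.0.2.10", "CHG-1001"),
    ("2025-03-10T02:14:00", "add", "203.0.113.77", None),
]
TRANSFER_LOG = [
    # (timestamp, source ip, beneficiary account, amount in INR)
    ("2025-03-09T11:00:00", "192.0.2.10", "ACCT-A", 12000),
    ("2025-03-10T02:20:00", "203.0.113.77", "ACCT-X", 950000),
    ("2025-03-10T02:21:00", "203.0.113.77", "ACCT-Y", 870000),
    ("2025-03-10T10:00:00", "192.0.2.10", "ACCT-A", 15000),
    ("2025-03-10T10:05:00", "198.51.100.5", "ACCT-A", 500),
]

def flag_transfers(audit, transfers, window=REVIEW_WINDOW):
    """Return (transfer record, reasons) for every transfer request that needs review."""
    ts = datetime.fromisoformat
    added = {}  # ip -> (time the entry was added, change ticket)
    for when, action, ip, ticket in sorted(audit, key=lambda e: e[0]):
        if action == "add":
            added[ip] = (ts(when), ticket)
    seen, findings = set(), []
    for rec in sorted(transfers, key=lambda e: e[0]):
        when_req, ip, beneficiary = ts(rec[0]), rec[1], rec[2]
        reasons = []
        if ip not in added or when_req < added[ip][0]:
            reasons.append("source IP not on allowlist at request time")
        else:
            added_at, ticket = added[ip]
            if ticket is None:
                reasons.append("allowlist entry has no change ticket")
            if when_req - added_at <= window:
                reasons.append("allowlist entry added within review window")
        if reasons and beneficiary not in seen:
            reasons.append("first transfer to this beneficiary")
        seen.add(beneficiary)
        if reasons:
            findings.append((rec, reasons))
    return findings
```

On the constructed data, the two large transfers sent minutes after an unticketed allowlist addition are flagged with three reasons each, while routine traffic from the long-standing entry passes.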

The case serves as a stark reminder that in today’s digital economy, cyber fraud can bypass traditional safeguards and cause multimillion-rupee losses within hours.
