A major cyberattack struck a Hyderabad-based software company in Hitec City, resulting in a loss of ₹1.39 crore. The firm, which develops fintech applications for bill payments, rentals, and education transactions, detected the breach during an internal audit on September 15, 2025.
Auditors discovered multiple suspicious debits totaling ₹1,39,95,215, raising concerns across the company and its partner networks.
Hackers Exploit API Access to Steal Funds
Early investigations revealed that hackers did not access the company’s customer database directly. Instead, they exploited the server infrastructure to send fraudulent Application Programming Interface (API) requests to partner banks. These fake API calls mimicked legitimate fund transfers, diverting money to several external accounts.
The attackers also whitelisted certain IP addresses, making the transactions appear valid within the banking system, which complicated detection efforts.
Following the server breach, the company’s CEO filed a complaint with Cyberabad Cybercrime Police Station. Authorities have registered a case and engaged digital forensic experts to trace the attack. They are now tracking the beneficiary accounts to locate the stolen funds.
Officials emphasized that while the company’s core data remained secure, the server-side breach highlights how infrastructure vulnerabilities can undermine even well-protected systems.
Cybersecurity experts point to a rising trend of API-driven attacks in the fintech sector, where real-time bank integrations create new security risks. Attackers exploit weaknesses such as poor server security, weak authentication, and excessive IP whitelisting.
Experts Recommend Firms to:
- Monitor server activities with advanced anomaly detection
- Conduct ongoing penetration tests and red-team exercises
- Regularly review and limit IP whitelisting
- Use multi-layered authentication for API transactions
This incident serves as a stark warning that cyber fraud can bypass traditional defenses, leading to multimillion-rupee losses within hours.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter |The Mainstream formerly known as CIO News Whatsapp Channel | The Mainstream formerly known as CIO News Instagram
About us:
The Mainstream formerly known as CIO News is a premier platform dedicated to delivering latest news, updates, and insights from the tech industry. With its strong foundation of intellectual property and thought leadership, the platform is well-positioned to stay ahead of the curve and lead conversations about how technology shapes our world. From its early days as CIO News to its rebranding as The Mainstream on November 28, 2024, it has been expanding its global reach, targeting key markets in the Middle East & Africa, ASEAN, the USA, and the UK. The Mainstream is a vision to put technology at the center of every conversation, inspiring professionals and organizations to embrace the future of tech.
