The state department of information technology (IT) recently ordered a public sector bank to pay Rs 40 lakh as compensationto two non-resident Indians (NRIs) who were victims of email hacking and subsequent unauthorised transfer of funds from their account.
In his order, Rajesh Aggarwal, the IT department’s outgoing principal secretary and adjudicating officer, said that the complainant had been conducting transactions with the banks only through emails, “which is an insecure way of doing things. Mechanisms like alternate email, SMS alerts etc. were not used. The complainant had also not informed the bank about his defunct mobile number. Hence both the complainant and the respondent bank have to share the blame.”