This Happened to Me. And I Think It Has Happened to You Too.

I want to tell you something that took me a long time to say out loud — because it made me feel foolish. Foolish for trusting.

I hold multiple bank accounts in India. I worked for every rupee in them. I linked my PAN number. I submitted my Aadhaar. I trusted the bank with my identity, my savings, my entire financial life. And then, without asking me, without telling me, someone on the inside looked through all of it. My account balance. My transactions. My personal details. Not for any legal reason. Not to protect me. Just because they could.

I felt violated. And then I felt something worse — I felt alone. Like maybe I was overreacting.

I am writing this because I know I am not alone. And neither are you.

 
Think Back. Has This Happened to You?

Has a bank relationship manager ever called you out of nowhere and said "Sir, I see you have a good balance right now — let me suggest an investment plan" — when you never asked, never enquired, never gave permission?

Has a home loan executive from your own bank somehow known your exact income, your existing EMIs, your spending patterns — and pitched you a loan with details you never shared with sales?

Has someone from the credit card department called you within days of a big deposit, offering a "pre-approved" limit that seemed suspiciously accurate?

We brushed it off. We told ourselves it was just how banks work. "Of course they know — it's my bank." But that is not service. That is not consent. That is a violation — and we have been quietly accepting it for years.

 
Now Ask Yourself This — What If It Goes Further?

This is the question that haunts me. And it should haunt every one of us.

What if a bank employee — who can see your balance, your PAN, your Aadhaar, your transaction history — quietly passes that information to someone outside the bank? A fraudster. A cyber gang. Someone who now knows exactly who to target, how much they hold, and what pressure point to push.

Many people think this is a theory. The evidence says it is already happening.

The CBI arrested three accused, including a former assistant bank manager, in connection with a ₹1.6 crore digital arrest cyber fraud that targeted a senior citizen. The ex-bank official is alleged to have played a key role in facilitating the fraud — helping open and route money through accounts used to conceal the crime. The420

In Rajasthan, police arrested four people including a contractual bank employee in a ₹1.85 crore digital arrest scam that specifically targeted an elderly woman. Investigators found the bank employee had helped fraudsters manage the accounts used to receive and transfer stolen money. The420

And here is the pattern that should make your blood run cold: cyber gangs now deliberately select their victims based on predictable pressure points — NRIs managing Indian finances remotely, and senior citizens who can be isolated and manipulated over long calls. India Observers How do they know who to call? How do they know who has savings worth targeting? How do they know your parents live alone, hold a large fixed deposit, and have a child abroad who cannot intervene immediately?

Someone told them. Someone with access to your bank's system.

 
The Fraud Begins Long Before the Phone Call

Almost every financial cyber fraud in India begins the same way — with fragments of personal data. A phone number. A PAN detail. An account balance. Information that was never meant to leave the bank. The420

Think about what a bank employee can see on their screen: your full name, your Aadhaar number, your PAN, your account balance, your salary credits, your FD amounts, your nominee details, your residential address, your mobile number. They know if you are an NRI. They know if you are a senior citizen. They know if your account has been quiet for months, suggesting you may be unwell, travelling, or simply unaware.

That profile — built from your own private banking data — is exactly what a cyber fraud gang needs to craft a believable, targeted attack. And if even one bank employee leaks it, the damage to you could last a lifetime.

India's Supreme Court has taken note of this directly, flagging the alarming siphoning of nearly ₹52,000 crore between April 2021 and November 2025 through online fraud — and specifically calling out cases where bank personnel failed to act despite unusually large withdrawals from the accounts of senior citizens who had long banked with them. Banking Finance

 
The Real Cases Behind These Numbers

In April 2026, an Axis Bank branch manager in Hyderabad was arrested for siphoning Rs 6.5 crore from an NRI customer's account. The victim lived in Australia, and the fraud — carried out through forged signatures and 42 illegally issued cheques — went on for nearly two years before justice was pursued. etvbharat

PNB employees used unauthorised internal access to issue fraudulent Letters of Undertaking worth over ₹12,000 crore — bypassing the bank's own core banking system entirely, exploiting insider privileges that were never properly monitored. Wikipedia

A PNB senior branch manager created 15 fake customer IDs using forged Aadhaar cards, opened bogus accounts, and siphoned nearly ₹2.70 crore — all from the inside, using the very access that should have been protecting customers. The420

When Cyberabad Police arrested a data thief in Faridabad, they found he had been holding and selling personal and financial data of over 60 crore Indians — including customer information from State Bank of India, Axis Bank, and Bank of Baroda. The Wire

Each of these crimes began with access. Unchecked. Unlogged. Unaccountable.

 
The People Most at Risk Are the Ones We Love Most

Your father, who worked his whole life and now has his pension sitting in a fixed deposit. Your mother, who does not fully understand digital banking but trusts the man at the branch. Your relative working abroad, whose NRI account holds years of foreign earnings. Your elderly uncle who still keeps a passbook and trusts the bank manager like a neighbour.

In January 2026, an elderly NRI couple in Delhi lost approximately ₹14.84 crore in a 16-day digital arrest trap India Observers — a fraud so precisely targeted it is almost impossible to believe the criminals acted on guesswork alone.

They did not guess. Someone gave them a starting point.

Stopping unauthorised internal access to bank data is not just about privacy. It is about protecting the most vulnerable people in our families from becoming the next target.

 
What We Are Demanding

1. Mandatory audit trails. Every time a bank employee accesses your balance, PAN, Aadhaar, or transactions — it must be automatically logged and available to you on request via OTP.

2. A "Who Viewed My Account" report. Just as CIBIL shows who pulled your credit score, banks must show you who accessed your account data and when.

3. Criminal penalties for unauthorised access. An employee looking at your data without legitimate reason must face legal consequences — not just an internal memo.

4. A direct grievance channel to RBI — independent of the bank that wronged you, with time-bound resolution.

5. Stronger protection for NRI and senior citizen accounts — with additional access restrictions, anomaly alerts, and mandatory family notifications for unusual activity.

6. Whistleblower protection — so honest bank employees can report data misuse without fearing for their jobs.

 
Sign This, Because Someone You Love Is Already at Risk

Your parents trust their bank with their retirement. Your sibling abroad trusts their NRI account is safe. You handed over your Aadhaar and told yourself the bank would protect it.

That trust is being broken — not just by outsiders, but sometimes by the very people sitting behind the counter.

This is about your privacy. Your family's safety. And the basic principle that what is yours, stays yours — in a vault you can actually trust.

Sign. Share. Make some noise. Because silence has already cost us enough.