Capillary Technologies India has reported a €3 million banking fraud at an overseas subsidiary, executed via deepfake voice cloning and social engineering. The company has recovered €0.45 million, frozen additional accounts, and confirmed that its core operations and customer data remain secure despite the sophisticated cyber-enabled financial attack.
BENGALURU — Capillary Technologies India Limited, a prominent customer loyalty and engagement platform, disclosed on Monday that it has fallen victim to a sophisticated banking fraud totaling approximately €3 million (roughly ₹32.7 crore) involving its overseas step-down subsidiary. The company confirmed that the incident was orchestrated through advanced cyber-enabled techniques, including the use of deepfake voice cloning, forged signatures, and social engineering.
The fraudulent activity, which took place just before the weekend, targeted the company’s internal financial controls by impersonating key managerial personnel (KMPs) to authorize unauthorized transfers to third-party bank accounts.
Immediate Response and Recovery Efforts
Upon discovering the breach, Capillary Technologies initiated immediate legal and operational measures to trace and secure the transferred funds. The company confirmed that it has successfully recovered €0.45 million (approximately ₹4.9 crore) to date.
According to official disclosures, Capillary Technologies is working in close coordination with international law enforcement, cybercrime authorities, and banking institutions to track the remaining funds. The company stated that additional accounts linked to the fraudulent transfers have been identified and frozen, though the precise amount currently held in these frozen accounts is still under assessment.
Impact on Operations and Data Security
In a filing to the stock exchanges, the Bengaluru-based company emphasized that its core business operations remain unaffected. Capillary Technologies further stated that there is no evidence of a compromise regarding customer data, employee information, or its internal technology infrastructure.
The incident is currently being treated as an isolated financial fraud. The company confirmed that it carries cyber and crime insurance, and it has already notified its insurers to assess the scope of coverage for the loss. Management underscored that the event does not necessitate any changes to its annual or long-term strategic business goals at this stage.
Official Sources
The disclosure was made via a formal stock exchange filing on Monday, July 6, 2026. As a publicly traded entity, Capillary Technologies is required to report material events, including significant financial irregularities, to BSE Limited and the National Stock Exchange of India (NSE) under the SEBI (Listing Obligations and Disclosure Requirements) Regulations, 2015.
Why It Matters
This incident highlights the rising threat of "AI-enabled" corporate fraud, where sophisticated technologies like voice cloning and deepfakes are being deployed to bypass traditional banking security protocols. For businesses, it serves as a critical reminder of the need for heightened verification procedures, especially for high-value fund transfers within decentralized or international subsidiary structures.
Key Facts at a Glance
Total Amount Fraudulently Transferred: Approximately €3 million (approx. ₹32.7 crore).
Amount Recovered: €0.45 million (approx. ₹4.9 crore) successfully retrieved.
Fraud Methodology: Sophisticated deepfake voice cloning, social engineering, and forged signatures impersonating executives.
Data Impact: No compromise of customer data, employee data, or core technology infrastructure reported.
Status: Legal and recovery operations are ongoing in collaboration with international law enforcement and banks.
FAQ
How did the fraudsters bypass internal security?
The attackers used advanced deepfake techniques, including voice cloning of executives and forged signatures, to deceive staff and authorize transfers.
Is customer data safe?
Yes, the company has officially stated that there is no evidence that customer data, employee records, or the company's technology infrastructure were breached.
What is the company doing to get the rest of the money back?
Capillary is working with cybercrime authorities, law enforcement agencies, and banks to trace funds. They have already frozen several unauthorized accounts and are pursuing legal and insurance recovery routes.
Source: BSE Limited, Capillary Technologies Stock Exchange Filings, Entrackr