r/india
(UPDATE): SBI employees leaked my personal and banking data, Now senior officials are requesting to withdraw the complaint
So, it’s been about 6 months since I first posted about the SBI data breach where my personal and banking details were accessed and printed without authorization. Old post links are in comments, incase you want to know the full story.
A lot has happened since then, and it’s honestly been exhausting but eye-opening. I actually got hold of the CBS audit logs from SBI’s data centre in Belapur.
The logs clearly show my data being fetched and printed from SBI branches 31045, 31822, and 11177. With that, I filed multiple RTIs to confirm what exactly happened.
The replies were laughable —
Lucknow Zone: “No data was breached.”
Jaipur Zone: “This RTI is hypothetical in nature.”
Like… what? I literally have the logs from your own system.
So I filed first appeals —
Lucknow’s FAA admitted that my data was fetched, but then said it wasn’t breached (don’t even know how that logic works), and Jaipur’s FAA copy-pasted the same vague reply.
I went ahead and filed second appeals, which are still pending before the CIC.
Meanwhile, my RBI Ombudsman complaint was in limbo all this while, until last week. RBI finally emailed me, attaching SBI’s official response where they again claimed, “no data breach occurred.”
I immediately sent back all my proof — the CBS logs, RTI trail, and emails.
A few days later, I got an email from the SBI General Manager (Lucknow) admitting that yes, the data was fetched, but it was “on the request of another customer to check a transaction” and “not printed or shared.”
That was the moment I knew they were just shifting narratives. The logs literally say “PRINT,” with the exact branch code and operator ID.
And since then, the floodgates have opened — calls and emails from AGMs, GMs, Chief Managers, and Branch Managers, all politely (some desperately) asking me to withdraw the complaint.
To be honest, I might’ve considered closing it earlier, but after 6 months of denials, cover-ups, and fake replies, I’m not in the mood to let it slide.
It’s not even about money anymore, it’s about accountability. They’ve been caught lying at multiple levels, and only now that I have written proof from their own systems, they’re panicking.
At this point, I’m deciding whether to:
1. Let the Ombudsman and CIC process play out — which could officially confirm the breach and possibly get compensation through RBI, or
2. Negotiate a settlement directly, since clearly they want this buried and off record. I can milk them more here.
I’m documenting everything — every email, every call, every piece of evidence — because this is way bigger than just one person’s data.
If SBI can’t even control internal access to customer data or admit when it’s breached, that’s a serious red flag for everyone banking there.
I posted on X. I hope you guys join. Tbh I can just settle and enjoy free money. I am fighting for a change. I hope you guys help. Tag SBI, RBI and other responsible bodied. X link is in comment.