Is this massive backend glitch normal in Indian banking? SBI linked my number to a stranger’s account for 4 years
Hey everyone,
I am a 25-year-old student, writing this to understand a shocking technical flaw in the Indian banking system that completely compromised my data privacy.
The Issue:
About 4 years ago, due to a massive backend blunder, SBI mapped my personal mobile number to a complete stranger's bank account. I discovered this when UPI cashbacks and random transfers sent to my number started routing directly into that stranger's account instead of mine.
The Response:
When I visited the branch, I faced the typical SBI lunch-time drama—nobody took this serious cyber and financial risk seriously. The bank finally woke up and delinked the number only after I officially dragged them to the RBI Ombudsman. In their written apology, the Chief Manager tried to downplay it by saying the stranger's account was "inactive"—which is complete BS because live UPI funding was still actively passing through it!
As a student, this put me at a massive risk. If that account had been used by scammers or money launderers as a mule account, the cyber cell or tax authorities would have come straight after me since my number was officially mapped to it.
I want to ask the community here:
1:Is this kind of catastrophic database mapping blunder normal or common in a major nationalized bank like SBI?
2:Have any of you faced or heard of similar mobile-number mapping errors in other public or private sector Indian banks?
3:How reliable is the backend infrastructure of the Indian financial sector if an individual's personal identity can be wrongly tied to a stranger's funds for 4 long years without any system alerts?
Looking forward to your insights and guidance on this.