The Cosmos Cooperative Bank in Pune India was the target of a significant theft through cyber-attack. A currently unknown attacker, or attackers, stole information for the bank’s VISA and Rupay card customers through attacks targeting the bank’s ATM server. The theft compromised the information of 800 million accounts through early 15,000 transactions. A total of approximately 940 million Rupees ($13.4 million USD) was stolen in total, 790 million Rupees ($11.1 million USD) through cloned VISA transactions, 20 million Rupees ($285,760 USD) were taken through Rupay transactions, and the remaining 139.4 million Rupees ($1.9 Million USD) was transferred to an account in a Hong Kong-based bank through a fraudulent SWIFT transaction. The attacks appear to have been launched from a system located in Canada. The funds were taken through 25 different ATMs located in Canada, Hong Kong, and India between August 11th and 13th. At this time it is unknown who was behind this attack, several threat actors have utilized similar tactics previously, North Korea has carried out attacks against the SWIFT system successfully in the past, Carbanak has carried out a number of successful attacks targeting ATMs, though several members of their group have been arrested over the past year there are still an unknown number of their members still at large. As the investigation proceeds more details may reveal greater insight into who was responsible for this attack.