With its swift response and assistance from other agencies, plus a simple mistake made by the hackers, Union managed to get back every cent within 60 hours.
Find out how Union averted a disaster.
How Union Bank prevented a $171mn heist
The start of the crisis
"It was around 10:30am" on July 21, says MD Arun Tiwari. "The thing uppermost in my mind was I had to quickly get onto the money trail."
Tiwari informed RBI, the foreign ministry and the Indian Computer Emergency Response Team; he also roped in consultancy-firm EY the same day.
How did it happen?
The breach, it was discovered, was caused by a spam email fraudulently marked from 'RBI', which had a malware attached. The mail was sent to 15 email IDs.
Love Business news?
Stay updated with the latest happenings.
The hackers leave their footprint behind
The fraud was detected early due to a simple mistake the hackers made: they deleted their six entries, which was detected on Union's end-of-the-day balance report.
Union takes charge to recover stolen money
Officials began with network forensics; one of the first steps was to delink its "380-odd SWIFT pan-India connections", and centralize operations.
However, it had to work with "limited resources".
A floor was cordoned off at Mumbai's Union Bank Bhawan and employees involved asked not to leave till operations ended.
On July 22, Union informed the trail had been traced and movement of funds suspended.
Union or SWIFT: Who's to be blamed?
Kiran Shetty, SWIFT India CEO, insists their system had "never been compromised"; he said they haven't received "full details" from Union either.
Meanwhile, Tiwari maintained he cannot share details because he didn't have a copy. However, he says the measures undertaken subsequently included "the most stringent filtering".
However, despite the best security measures in place, Tiwari said he wouldn't rule out future cyber attacks.
What's being done to prevent such instances?
Shetty of Swift announced roadshows in five cities on awareness about cyber security. A customer security programme mandates 16 controls and advises another 11.
He also said a fast rate of digitization necessitated increased investments on the cyber side too.
The RBI has, meanwhile, recommended a chief information and security officer who reports directly to the board.