Cyber Scam with the client

I we provide webhosting services for website and emails. One of our client's mail hacked and someone forwarded a copy of mails to a gmail account. How these scams work Scammers hack into vendor and/or supplier email accounts and obtain information such as customer lists, bank details and previous invoices. Your business receives an email, supposedly from a vendor, requesting a wire transfer to a new or different bank account. The scammers either disguise their email address or create a new address that looks nearly identical. The emails may be spoofed by adding, removing, or subtly changing characters in the email address which makes it difficult to identify the scammer’s email from a legitimate address. The email may look to be from a genuine supplier and often copy a business’s logo and message format. It may also contain links to websites that are convincing fakes of the real company’s homepage or links to the real homepage itself. The scam email requests a change to usual billing arrangements and asks you to transfer money to a different account, usually by wire transfer. The scam may not be detected until the business is alerted by complaints from legitimate suppliers that they have not received payment. https://www.scamwatch.gov.au/news-alerts/invoice-email-scam-now-targeting-australian-businesses Client transferred 5L rupees to the scammers account. Now they are investigating and reporting to CyberCall. They asked me logs which we shared. And before the scan we already informed the client via whatsapp that your email account has been hacked and someone sending 1000's of spam mails and we reset the password of cPanel and emails. After few days it happen. So as a service provider can they make a case on us also or I am safe, should I be worried. Though the all fault is of client he did not check the email id which looks like similar to vendors id and transferred amount into a new account. Please advise me. What are the rules for webhosting providers.