Building permit scam using stolen passwords unearthed in Thiruvananthapuram Corporation

A scam related to allotment of building numbers to illegal buildings using the user IDs and passwords of various revenue officials has been unearthed in the Thiruvananthapuram Corporation. Addressing a press conference here on Monday, Mayor Arya Rajendran said the culprits were yet to be identified, but two data entry operators working on a daily-wage basis have been asked to stay away as one of their computers have been found to be used for providing approvals.

What could possibly be the tip of a larger scam was exposed in a thorough check-up of building permit applications ordered by the administration for a period of two months in various zonal offices following cases of misuse of user IDs and passwords of officials in the Kozhikode Corporation to authorise illegal structures.

The modus operandi is similar to that reported in Kozhikode. The practice of sharing of password and login information of the Sanchaya software used for managing building permits and taxes between officials for convenience seems to have led to the scam.

According to the Mayor, the accused had logged in to one of the computers used for data entry on January 28 at 8.26 a.m, much before the regular working hours. Initially, the person used the login ID of a bill collector to enter the details of two commercial buildings owned by Marappalam native Ajayaghosh. Within minutes, the person used the login details of the revenue inspector to verify the application from the same computer. At 8.31 a.m, the person logged in using the details of the revenue officer and approved the application. Two numbers – 15/2909 (1) and 15/2909 (2) – were illegally allocated to the two commercial buildings through this quick process.

"The fact that the entire operation using the three user names was executed in just a few minutes shows that it was done by someone familiar with the Sanchaya software. We have identified the IP address of the computer system which was used for this. Since it was one of the systems used by the two data operators, we have asked them to stay away pending investigation. This does not mean that they are involved in the scam," said the Mayor.

Following a complaint from the Mayor, the City Police has charged a case under Section 465, 467, 468 and 471 of the Indian Penal Code, pertaining to forgery, and Section 43 and 66, pertaining to breaking into computer systems, of the Information Technology (Amendment) Act 2008. The Corporation has requested the Centre for Development of Advanced Computing (CDAC) to restore CCTV camera visuals from January to gather more information on the suspect as the system has only one month storage capacity.

The Corporation had last week issued a directive to officials saying that the entire responsibility of any misuse of user IDs and passwords rests with the owner of that ID. Since the offence happened in January, the officials whose passwords were used for the scam will not be held responsible as of now.

The civic body has also deactivated the login IDs of 38 officials who had retired in recent times. The internal inspection team has completed the scrutiny of 312 out of 1,600 building applications in recent months as part of a drive to check for discrepancies. Building application files from all zonal offices in recent months will be scrutinised soon, said the Mayor.

Our code of editorial values

This article is closed for comments.
Please Email the Editor

Printable version | Aug 10, 2022 10:28:25 pm |