A 20-year-old student sitting in Delhi kept the Telangana police on their toes for the past few days. The Telangana Cyber Security Bureau (TGCSB) arrested him for hacking the data of the Hawk Eye and TSCOP applications of the State police department.
The accused, Jatin Kumar, is a student from Noida and a native of Jhansi.
In an official release, the DG of Telangana Ravi Gupta said that no sensitive/financial data of any user has been compromised.
This comes after social media platforms were flooded with queries from netizens about privacy concerns after screenshots of the breach went viral. The case was registered on a priority basis by the TGCSB headquarters, the ninth such in this year, following the detection of a data breach involving the Hawk Eye application, with subsequent leaks concerning TSCOP and police SMS services.
“The TGCSB investigators travelled to Delhi, where they identified and arrested the hacker, who claimed to have posted the compromised data on a public platform for a price. Advanced tools were used to unveil the hacker’s identity,” the official added.
The hacker had posted details of the breach on databreachforum.st, offering the compromised data for sale at $150. He provided the Telegram IDs Adm1nfr1end and Adm1nfr1ends for interested buyers to contact him regarding the Hawk Eye and TSCOP data, respectively.
According to officials involved in the probe, all the transactions related to the data were done in cryptocurrency. “We are in the process of tracking crypto wallet transactions. We also verifying if the hacker had allies in the country or was acting alone,” said the officials.
Despite his attempts to mask his identity, TGCSB personnel deployed social engineering techniques to track him down. The hacker was apprehended on June 8 and will be brought to Hyderabad on a transit remand. “Kumar has a history of cybercrimes, having been previously involved in a similar case of hacking and was arrested by Special Cell Dwarka Police Station, New Delhi in 2023. He was also involved in leaking of data Aadhaar cards and critical information related to Central Bureau of Investigation (CBI),” TGCSB Director Shikha Goel explained.
Privacy not compromised
DGP Gupta explained that TSCOP has been solely utilised for in-house tasks, guaranteeing no collection of confidential/financial user data. “It is a fact that TSCOP does not collect any visitor/hotel management data at all. Hence, it is incorrect to say that TSCOP pushed such data to any third party,” clarified the official.
“We have also initiated comprehensive monitoring and vulnerability assessments across all police internal and external networks, web and mobile applications as well as cloud and endpoints to identify and address any security issues,” he added.
“The department will initiate suitable legal action against any person involved in spreading wrong and misguiding information among the public besides trying to hamper the ongoing investigation through misinformation,” concluded the official release.
Published - June 09, 2024 07:32 pm IST