Hacker breaches Telangana police SMS service, to target Delhi police next
Hyderabad: In yet another shocker, the “Telangana State police SMS service” was not only hacked but also put up for sale online. The culprits were the same ones who had previously hacked “Hawkeye” and “TSCOP” apps.
This incident is the latest in a series of cyberattacks targetting the force's digital applications, thereby raising concerns about the security of sensitive information managed by the department.
Incidentally, anyone who has access to the police SMS service portal can pose as police personnel and send SMS messages to whosoever. The recipient, who will get the SMS under ‘Police alert’ title, can be deceived by the hacker’s malicious intentions.
The hacker, whose identity remains unknown, has a history of targetting Telangana police apps. The hacker previously infiltrated "Hawkeye" and "TSCOP".
"Hawkeye", an app designed to enhance public safety by allowing citizens to report crimes, and "TSCOP", an app used by police personnel for various administrative functions, were both compromised. The hacker uploaded the data from these apps to online forums, selling access for $200 and $120, respectively.
In an even more embarrassing development, the hacker followed up with a post in which he hints at shifting focus from Telangana to Delhi, whose police apps would be the next target.
Despite the severity of these attacks, Telangana police have remained tight-lipped, offering no official response regarding the breaches. This has added to the unease among citizens and cybersecurity experts, who are calling for urgent measures to streamline security of police digital systems.
Lest one forgets, there are many risks associated with such breaches. The compromised data includes sensitive information of citizens, who have reported crimes, and internal communications, including gun licence details of officers. The hacker's actions not only jeopardise the privacy and safety of individuals but also casts a doubt about the integrity of law enforcement towards personal information of citizens.
With the data sold online, any person with malicious intent could use it to commit frauds, including phishing, financial frauds and impersonation.
