Cybersecurity Alert: Telangana police network breached, hacker threatens Delhi police as next target
HYDERABAD: Days after hacking the Telangana Hawk Eye App, an unknown hacker has hacked the entire Telangana State Police network, multiple Telangana police apps, and the Telangana TSCOPS app, which is used for facial recognition, fingerprint collection, case management, and all sorts of details related to crime. The hacker has issued a warning stating that they have completed hacking the Telangana Police and are now targeting the Delhi Police.
Recently, it was learned that a hacker breached the personal data of around 2 lakh users of Hawk Eye, the Telangana Police ‘citizen-friendly’ app, and posted the data on the Breach Forums on May 29, 2024, by an anonymous user.
Someone hacked entire @TelanganaCOPs network including TSCOP, their facial recognition setup. This is very very easy because the company which built this software, WINC IT Services has harcoded (embedded passwords as plaint text) inside TSCOP. The TSCOP connects to CCTNS. pic.twitter.com/aLtmY09le1
— Srinivas Kodali (@digitaldutta) June 7, 2024
Lack of understanding of cybersecurity
While speaking to the Hyderabad Mail, Srinivas Kodali, a leading data security researcher, disclosed that “the hacker gained access to the entire police databases of Telangana, which has the largest policing infrastructure, including facial recognition technology and a large command and control centre equipped with various technical tools. This breach indicates a lack of understanding of cybersecurity in the modernization efforts of the Telangana police force.”
“Some unknown party hacked into their entire setup. The problem is that the police have surveillance powers, which means they can access everybody’s personal details, and they have been doing so without following the law and illegally. Most of the time, the police stop us and take a photograph of our faces for facial recognition without issuing a warrant. All of that setup was breached,” said the data security researcher.
“The police have been unlawfully collecting all of our personal information, leaving all of us vulnerable. The police are supposed to keep our records secure, but this breach shows that they can’t even protect their systems. If they can’t safeguard their own systems, how can they be trusted to protect society? This breach reveals the incompetence of the police department. They implement these systems without respecting citizens’ privacy. This comes in the wake of an internal police surveillance scandal, where the police are investigating their intelligence officials,” said Srinivas Kodali, a data security researcher.