The websites and databases of seven Indian missions in Europe and Africa were hacked and data from their servers were allegedly dumped online on Monday.
Hackers going by the name Kapustkiy and Kasimierz L on Twitter claimed to have breached the security of the official websites of the Indian missions in South Africa, Libya, Malawi, Mali, Italy, Switzerland and Romania.
The leaked databases containing admin and login details, names, email IDs, phone numbers and, in some cases, passport numbers of mission staffers were published on pastebin.com. The data dump was later removed by the administrators of pastebin.
The hackers allegedly leaked details of 161 Indians living in South Africa, 35 in Switzerland, 145 in Italy, 305 in Libya, 74 in Malawi, 14 in Mali and 42 in Romania.
The external affairs ministry said steps were being taken to address the matter. “We are aware of the issue and we are fixing it,” external affairs ministry spokesperson Vikas Swarup told Hindustan Times.
One of the hackers, who identified himself as Kapustkiy on Twitter, told Hindustan Times: “We did it because their security was poor and as the Indian Embassy they need to have better security.”
The websites of several other Indian missions too are not secure, the hacker claimed.
“The websites have a SQL vulnurability. Even a six-year-old could breach it,” the hacker said. Kapustkiy claimed to be in possesion of more data, such as addresses and more passport numbers, that the hackers chose not to make public.
An SQL vulnerability is a security flaw in a database. A hacker inserts malicious content into the database -- using forms on the website, accessing the website code or via email. This malicious content compromises the security of the database and gives the hacker unfettered access. An example of such an attack was the Sony hack of 2011 when 1 million accounts and passwords were released online.
“It’s not hard to fix it. You just have to be aware of such things because most of the time you want contact them and saying that they have vulnerabilities, they just ignore you,” the hacker added.
The hackers claimed to be under the age of 18 and from the Netherlands. They called themselves “grey hats” and claimed their hacking was an attempt to inform administrators about vulnerabilities on their websites.
“All the actions we made were to force the administrators of the site to get better protection on their websites. It’s very odd that multiple websites of embassies can be exploited with an SQL injection,” the second hacker who identifies himself as Kasimierz told HT.
According to reports, the Indian high commission in South Africa was hacked first, followed by the embassies in Switzerland and Italy.