The Telangana police’s mobile applications HawkEye and TS-COP were allegedly hacked by 20-year-old Greater Noida resident Jatin Kumar. The accused, who is a Computer Sciences student, was arrested by the Telangana Cyber Security Bureau (TGCSB) on Sunday, June 9 from the Delhi National Capital Region.
After images of the breach went viral on social media, a case was registered and TGCSB officials went to Delhi to nab the accused. The hacker reportedly posted details of the breach on databreachforum.st and provided Telegram IDs for potential buyers to contact him. According to reports, Jatin attempted to sell the data of HawkEye and TS-COP applications for $150. Officials said that all transactions related to the data were done in cryptocurrency and an investigation is underway to find out if he had accomplices in the crime.
HawkEye is a free-to-use application developed by Telangana police for citizens to report crimes and violations. The TS-COP application has access to all the databases of the Telangana government, including voter data, Aadhaar, driver’s licence, ration card, and phone numbers. The police also used third party services to access data from hotel check-ins using the third party vendor Zebi Chain.
Read: How inadequate security checks led to massive data breach in Telangana police app
Telangana DGP Ravi Gupta said that sensitive data, including financial information, of all users are safe. “TS-COP does not collect any visitor/hotel management data at all. Hence, it is incorrect to say that TS-COP pushed such data to any third party,” the DGP told the media. Police further said that it is likely that the weak or compromised password helped the hacker get access to HawkEye application data, which comprises user information such as mobile numbers, addresses, and email IDs.
TGCSB Director Shikha Goel said that Jatin was earlier arrested by the Special Cell of Dwarka police station in New Delhi for a similar case of hacking and that he was involved in the leaking of Aadhaar data and information related to the Central Bureau of Investigation. Advanced tools were used to identify the accused, who is being taken to Hyderabad for further enquiry.