SUMMARY
Cybercrime group under the alias ‘John Wick’ takes responsibility for the attack
The hacker put out messages seeking donations to the Prime Minister's relief fund for Covid-19 using bitcoins
In July, a hacker group had taken over the internal controls of Twitter compromising the accounts of Warren Buffett, Jeff Bezos, Barack Obama, Joe Biden, Bill Gates, and Elon Musk
Twitter on Thursday (September 3) confirmed that the Twitter account linked to Prime Minister Narendra Modi’s personal website was hacked by a group that claimed to be John Wick on Wednesday (September 2). This is the first profile takeover since the cyber breach on Twitter in July. The verified Twitter account has over 2.5 million followers, has since been restored. Modi’s personal Twitter account, which was unaffected by this incident, has over 61 million followers.
“We’re aware of this activity and have taken steps to secure the compromised account. We are actively investigating the situation. At this time, we are not aware of additional accounts being impacted. Advice on keeping your account secure can be found,” a Twitter spokesperson told Reuters.
In a series of tweets after the takeover of the verified handle, the hacker put out messages seeking donations to the Prime Minister’s relief fund for Covid-19 using bitcoins. “This account is hacked by John Wick ([email protected]), We have not hacked Paytm Mall,” the message said.
US-based cyber-risk intelligence platform Cyble Inc had claimed in August that ecommerce platform Paytm Mall suffered a massive data breach in the hands of the same cybercrime group under the alias ‘John Wick’.
In July, a hacker group had taken over the internal controls of Twitter compromising the accounts of popular verified users such as Warren Buffett, Jeff Bezos, Barack Obama, Joe Biden, Bill Gates, and Elon Musk and put out a message seeking donations using bitcoin.
Twitter said at this time there is no indication or evidence of any correlation between this account compromise and the incident that took place in July.
Recent Big Attacks
Dark web sweepers Cyble claimed in July that internal data of Gurugram-based Religare Health Insurance has lost 5 Mn records, which is now up for sale. The US-based cybersecurity firm has claimed that the hacked data includes details of Religare, its agents and several sensitive information of the company’s clients, including their names, phone numbers, email id, date of birth.
According to a blog post, published by Cyble, the leaked database also contains details about insurance policies like customer ID, policy number, start date, end date, along with the name, sum and renewal amount of the policy taken by the customers.
In July, hyperlocal task management startup Dunzo also suffered a data breach that leaked phone numbers and email addresses of its users. The data breach took place through servers “of a third party” Dunzo works with were compromised, the firm’s chief technology officer (CTO) Mukund Jha had said in a blogpost.
Prior to this, Cyble has highlighted data breaches of companies like Truecaller, Unacademy, Naukri.com, Bharat Earth Movers Limited (BEML) and IndiaBulls. While Unacademy and BEML have accepted the data breach. Naukri.com has alleged that the data found dates back to the year 2006 – 2012, and there is no proof that the data has been collected from Naukri.com even though the file does.
There have been several Indian platforms in the past which have faced data breaches. Earlier in May, it was reported that data of 4.75 crore Truecaller Indian users was found to be up for sale on the dark web. The development which was denied by the Swedish mobile application platform Truecaller India, was a result from its data leak.
