Hours after Congress vice-president Rahul Gandhi’s Twitter account was hacked, the party’s official account was also found to be hacked. Abusive tweets were posted on the Congress’s account @INCIndia earlier Thursday although those tweets were removed within 30 minutes. The party’s website inc.in was found to be hacked as well.
“It’s a huge question mark on the digital security,” Gandhi was quoted saying by news agency ANI.
The Delhi Police has registered an FIR into the hacking of Gandhi’s Twitter account on the basis of a complaint filed Wednesday. The police said an investigation has been initiated and are looking at all aspects regarding cyber crime.
Hours after the hacking, in signs that the Congress account has been restored, this tweet was sent out:
Hello everyone! We are back. The tweets in the morning lacked wit, evidently.
Anyway, Mr Modi, back to people’s questions, care to answer?
— INC India (@INCIndia) December 1, 2016
Late Wednesday evening, Gandhi’s Twitter account was also found to be hacked similarly though the abusive tweets were taken down hours later. The party called the hacking “unscrupulous, unethical and roguish” and blamed internet trolls for the act. A ‘fascist culture’ was behind the act, the Congress said.
“Such unscrupulous, unethical and roguish conduct of venal trolls to hack @OfficeOfRG reflects disturbing insecurities of prevalent fascist culture,” party spokesman Randeep Surjewala tweeted immediately afterward. It was not clear which organisation was behind the hacking. The party has filed a complaint with the cyber cell of the Delhi Police over Gandhi’s Twitter account being hacked. The matter is also expected to reach both Houses of Parliament in the ongoing winter session as the Congress plans to raise it.
— Randeep S Surjewala (@rssurjewala) December 1, 2016
“The social media hack of both the accounts can be a result of any one of the following two possibilities: It can either be a potential backdoor(malware) being present on a computer system on which both the accounts might have been simultaneously accessed or this can be a long persistent and targeted attack – spear phishing in most cases on either the email account that was used to create the twitter handle or directly of the twitter account – on the political party. In either of the case I am certain there is more data in the hands of the hackers than just account access that might be released in due course of time,” said Saket Modi, co-founder and CEO of Lucideus, in a statement. Lucideus is a digital security services provider.
“The only two parties responsible for the security of a social media account are the social media provider (in this case Twitter) and the owner of the account. As it’s just 2 accounts that have been compromised and misused, it is safe to assume that the exploited vulnerability was not present on the side of Twitter,” the statement read.
While the official Congress Twitter account has 1.38 million followers as of Thursday, @OfficeofRG account is followed by 1.22 million people on the popular micro-blogging platform.