Legion, an unknown group of people who hacked the Twitter accounts of prominent personalities like Rahul Gandhi, Vijay Mallya, Ravish Kumar and Barkha Dutt, have claimed they have no political motives behind this exercise. The group said Lalit Modi is their next target, and they also claim to have access to sansad.nic.in, which is the email used by nearly all government employees in India.
In a Washington Post report on Monday, a member of the group divulged that he was not interested in any ‘political data’ until a few weeks ago. He said that the group, which he “claims number in the ‘higher single digits’”, was in possession of terabytes of raw data and had filtered gigabytes of data from it. In another interview, with the tech website FactorDaily, the group said they plan to “dump” “sansad.nic.in emails,” and that this includes “a lot of Big Fish.”
When asked whether they had a political agenda behind the leaks, the hacker told the Washington Post that people who thought so should “gas themselves with a balloon filled with Zyklon B.” For context, that’s the gas used by the Nazis during the Holocaust against the Jews.
Legion’s first target was Congress Vice-President Rahul Gandhi, whose Twitter account was hacked. The group also said they will put out a massive email data dump from Congress’ emails, and had indicated they had managed to hack the server of the Indian National Congress website. One day after Rahul Gandhi’s Twitter account was hacked, the INC Twitter handle was also compromised. This was followed by the hacking of Vijay Mallya’s Twitter account, and his personal data, including details of assets, was put online.
On Saturday, Legion followed it up by hacking Barkha Dutt’s and Ravish Kumar’s Twitter accounts and gaining access to their emails. Legion had managed to hack NDTV’s entire email server, and then posted a link to 1.2GB worth of Barkha’s emails on her hacked Twitter account.
In conversation with the WaPo journalist, the member of the group Legion, who presumably operates from somewhere in India, said that they were just a “group of computer geeks who were addicted to crime and drugs.” The Washington Post has put out snippets of the encrypted conversation that took place between the reporter and the Legion hacker. Interestingly, in the FactorDaily report, the hacker claims to be based out of India and says he doesn’t have an Indian passport.
Interestingly, the hacker says their aim is to put out classified information on the Internet, and claims to have “access to over 40k+ servers in India.” For enterprises in India, this can’t come as good news, and this doesn’t just apply to media houses.
The hacker also claimed they might release an email dump of an entire email provider, which has over 50,000 corporate clients in India, but then admitted the number is “an exaggeration.” However, the group also has access to Apollo Hospital’s data server, and this doesn’t bode well if one considers doctor-patient confidentiality and privacy. The hacker also mentioned that they were unsure about releasing the data from some servers, as it might end up causing ‘chaos’.
One thing is clear from the hacking saga: enterprises, be it media houses or even hospitals, are facing serious issues with internet security, especially around crucial data. As the hacker himself told WaPo, he found a lot of Mallya’s personal data quite easily and most of it was unencrypted.