A group of hackers on Monday, March 19, claimed to have hacked into the Rajya Sabha website that only members of the Upper House and administrators of the website have access to, Scroll reported on March 20. The group, which identifies itself as Lulzsec India, posted two screenshots on Twitter on Sunday night purportedly after logging into the account of Bharatiya Janata Party President Amit Shah, who is also a Rajya Sabha member. One screenshot was of Shah’s portal and the other a request to update his address.
The screenshots show that the hackers purportedly opened two links – one pertaining to bulletins meant for Shah and another link through which they could have sent a request to update his personal address.
The Twitter post by the group shows that the hackers had access to everything that is available on the Rajya Sabha website, including Shah’s email inbox on the Rajya Sabha domain, official email, text messages sent by the public on official phone number, bulletins, details on debates, business in the Parliament, telephone, electricity and water bills, travel allowance and even money transfers to official bank accounts.
The members’ logins are secured by usernames and passwords that the hackers claimed to have bypassed.
The hacker group also called for a deep analysis of Indian cyber security policies in their Tweet.
“Wow, what pathetic security! Where we stand as one of the global power, still lack behind in cyber security. Rajay Sabha E-Governing portal pawned... very low level security. Time to make a deep analysis in Indian cyber security policies.”
The Rajya Sabha website comes under the domain of the National Informatics Centre, which through its information and communication technology network provides institutional linkages among all ministries and departments of the central government, several channels of state governments and union territories and as many as 688 district administrations. Websites that come under the ambit of the Centre have a ‘(dot)nic’ in their address.