Telangana Police Hit By Second Major Data Breach In A Week A TSCOP App Compromised

Hyderabad, June 7 (Maxim News): Just a week after the hacking incident involving Telangana police HawkEye app, another app, TSCOP, has been compromised as well. As a result, police-related data is currently available for sale on online forums. The same hacker responsible for the breach of HawkEye is behind this security lapse. The TSCOP app user data is being sold online for $120.

Click Here To Join Us On WhatsApp   

Launched in 2018, TSCOP was intended for internal use by Telangana police, primarily to provide instant information to aid in crime-solving.

  Telangana Police Hit By Second Major Data Breach In A Week A TSCOP App Compromised
Telangana Police Hit By Second Major Data Breach In A Week A TSCOP App Compromised

Data security researcher Srinivas Kodali said, “Someone hacked the entire TelanganaCOPs network including TSCOP, their facial recognition setup.” Kodali further explained that it was easy for the hacker because the software company, WINC IT Services, embedded passwords as plain text inside the TSCOP app, which also connects to the Crime and Criminal Tracking Network & Systems (CCTNS).

Click Here To Join Us On WhatsApp   

In just one week, Telangana police experienced three major data leaks, all attributed to the same hacker: the TSCOP app data leak, the Telangana police SMS service portal breach, and the HawkEye app data leak.

The TSCOP app enables police officers to access crime and criminal databases and match images of people taken during patrols. The state has also built a comprehensive ‘360-degree view of every citizen’ database. Moreover, the app features an integrated facial-recognition system (FRS), allowing police to identify criminals, unknown bodies at crime scenes, or even missing children.

Click Here To Join Us On WhatsApp   

The hacker has posted sample data on forums to entice buyers, showcasing details such as offender records, police gun licenses, and other law enforcement information. User information, including officer names, police station affiliations, designations, and images, is now available for purchase online, with hundreds of police officers’ details listed as “samples.”

Notably, the TSCOP app had previously been recognized by the National Crime Records Bureau (NCRB) with an award in 2017 under the “Empowering Police with Information Technology” category. Kodali offered some advice to the police, stating, “Telangana police should use a longer password with alphabets, numerals, capitals, and symbols. But don’t forget to hardcode the entire password in your apps. Also please use HTTP only.”

Click Here To Join Us On WhatsApp   

Recently, a data breach involving the HawkEye app, designed for Telangana police, was reported on BreachForums, a well-known marketplace for stolen data. Threat actors claimed that thousands of emails, phone numbers, SOS calls from women, and other details had been leaked. The Telangana State Cyber Security Bureau has registered a case under the IT Act and begun an investigation.

“We have registered a case and are investigating the hacking allegations and suspected breach,” additional director general (DG) (CID) Shika Goel told a leading English Daily. On the forum, the threat actors claimed that the leaked data included names, email addresses, phone numbers, and locations of over 200,000 users. A threat actor, known as ‘Adm1nFr1end’, claimed on May 29 on BreachForums that the breached database includes 130,000 SOS records, 70,000 incident reports, and 20,000 travel detail records.

Click Here To Join Us On WhatsApp   

The HawkEye app, launched by Telangana police in 2014, allows the public to report violations, tip off police, and report crimes against women. It features an SOS button for emergency assistance, requiring users to share personal details like their name, email ID, and mobile number.

A sample of the leaked data included a complaint filed by a woman on the HawkEye app. She detailed how a man, who had promised to marry her, was now threatening her and her family. The data leak exposed her name, mobile number, location, and the date and time of the complaint. (Maxim News) 


Next Story :

  • Modi In Kuwait: Meets Emir, Attends Opening Ceremony of Arabian Gulf Cup

    Modi In Kuwait: Meets Emir, Attends Opening Ceremony of Arabian Gulf Cup

    Prime Minister Narendra Modi on Saturday attended the 26th Arabian Gulf Cup opening ceremony as the ‘guest of honor’ and met with the Emir of Kuwait, Sheikh Meshal Al-Ahmad Al-Jaber Al Sabah, during the event.


  • Saree will never go out of fashion: Sanjay Garg

    Saree will never go out of fashion: Sanjay Garg

    FTCCI Ladies Organisation (FLO) celebrated World Saree Day on Friday at Hotel Leela in Banjara Hills.  World Saree Day is celebrated on December 21 every year.


  • Telangana Legislative Assembly Adjourned Sin-E-Die

    Telangana Legislative Assembly Adjourned Sin-E-Die

    Hyderabad, Dec 21 (Maxim News): Telangana Legislative Assembly has been adjourned sin-e-die. The Assembly sessions that began on Monday were held for six consecutive days. In total, the assembly lasted for 37 hours and 44 minutes in seven days.


  • Big Jolt For Kejriwal: LG Gives Nod To ED To Prosecute AAP Chief

    Big Jolt For Kejriwal: LG Gives Nod To ED To Prosecute AAP Chief

    Hyderabad, Dec 21 (Maxim News):  Ahead of the Delhi Assembly Elections, Aam Aadmi Party (AAP) chief and former Delhi CM Arvind Kejriwal has received a shock. It is reported that the Delhi Lieutenant Governor (LG) has permitted the Enforcement Directorate (ED) to prosecute Kejriwal in the liquor scam case. With this, the line will be cleared for…


Now you can get the latest stories from Indtoday on Telegram every day. Click the link to subscribe.  Click to follow Indtoday’s Facebook pageTwitter and Instagram. For all the latest Hyderabad News updates

Leave A Reply

Your email address will not be published.