Legion hack: After Rahul Gandhi, Barkha Dutt and Vijay Mallya, Lalit Modi could be next

The recent celebrity hacks that took place over the past week must have surely got plenty of high-profile celebrities scrambling to change their passwords. Hacker group Legion took to the stands to take a bow, for what would have been entertainment for the common man, but spelt trouble for every high-profile celebrity who may have had something to hide. In a chat interview with the Washington Post, a member of the Legion pointed out how this could not even qualify as a demo, as they have access to tonnes of server data and that a lot more is headed our way.

The first target was Congress heir Rahul Gandhi, followed by beer baron Vijay Mallya and over the past weekend, NDTV news editors Barkha Dutt and Ravish Kumar. The objective of these hacks was not just to compromise their Twitter accounts, but leak personal email data, which was made available via a download link tweeted out by the same accounts while they were hacked.

According to the interaction by Washington Post’s Max Bearak, the hacking group was not after these specific high-profile targets with a hitlist, instead it was the other way around. The group reportedly got hold of several terabytes of raw data categorised by “interests” within which they got hold of gigabytes of data pertaining to Indian public figures. In short, it was the available data that helped them choose whom to target first.

The current objective was to was to dump classified data into public domain. The data which instigated the Legion to these hacks apparently came from what remains to be an unknown source. And it was quite a big dump with access to over 40k+ servers in India. It was so immense that the hacker group even built a tool to sift through them.

https://twitter.com/LalitKModi/status/807916439151738880

The next target as indicated during the NDTV hacks would be businessman and former head of India’s cricket league, Lalit Modi. While this has yet to take place according to the above tweet, individual accounts are a taster of what’s to come.

After Lalit Modi, the group is looking at email dump from over 50,000 corporate email clients in India. Post that it would be bigger institutions like private hospital chain Apollo although it is unsure about hospitals as it would lead to “chaos”.

Soon after the Rahul Gandhi hack, the official account of All India Congress Committee  was next in line. Post this Congress took it up as an opportunity to raise awareness about the issues related to cybersecurity and privacy. “Truth is that every Indian’s privacy is similarly under attack and the onus lies on the Modi government to do suitable course correction for protecting the privacy of everyone who is on social media,” said Congress leader Randeep Singh Surjewala. The focus soon moved on from the hacked twitter accounts to the safety of the digital payment network, which has a seen a surge of users after the recent demonetisation move by the prime minister.