Official Website of “Eastern India Regional Council” Hacked, 17000 User Accounts Exposed

A few days ago, 7 Indian Embassies which are located in different countries had been hacked by 17-year-old “Kapustkiy” named hacker. Now, the official website of Eastern India Regional Council has been hacked by the same hacker. 17000 users of “The Institute of Chartered Accountants of INDIA” have been affected by this hack. As a proof, Kapustkiy posted a link on Pastebin which contains an excel file of approximately 2000 breached accounts. Now this link has been removed by Pastebin team.

Kapustkiy is in news for hacking government websites of various countries. The Indian Embassies which are located in Mali, Italy, Romania, Switzerland, Libya and Malawi were hacked by @Kapustkiy (The Bruce Lee of Internet) and his fellow hacker @Kasimierz. Two days ago, the database of Dipartimento della Funzione Pubblica office of the Italian Government breached by @Kapustkiy. Hacker exposed 45000 user accounts from the breached database.

The story isn’t over yet, an embassy of Taiwan which is located in Paraguay has also been hacked by Kapustkiy. He exploited a security vulnerability on its official website "www.embapartwroc.com.tw" to breach the database.

Kapustkiy also hacked the New York Embassy of India. Moreover, he hacked two sub domains of Virginia University and another sub domain of the University of Wisconsin. Kapustkiy is hacking government websites and pasting some amount of hacked data on Pastebin as a proof. According to Kapustkiy, he is only inviting web admins to pay attention toward security as well. His this method is working also because recently, a public statement has been issued by Indian Authorities to thank this 17 years old hackers for finding major security vulnerabilities in their official websites of targeted embassies.

Here is the statement of Indian Authorities:

From the leaked copy of breached Eastern India Regional Council accounts, we came to know that leaked data contains usernames, membership numbers, registration numbers, email addresses and passwords. This time again he exploited a SQL injection vulnerability of Eastern India Regional Council website. According to security experts, Kapustkiy is using some web scanning tools to find vulnerabilities in government websites.

Similar Articles: