Ahmedabad Doctor Targeted in CCTV Password Exploitation Case
In a disturbing case highlighting persistent cybersecurity vulnerabilities, a doctor running a clinic in Ahmedabad's Paldi area fell victim to blackmail after a former CCTV installer exploited unchanged default passwords to access private surveillance footage. The Ahmedabad Police arrested 32-year-old Abdul Wahab Saiyed, a resident of Kodinar, on Saturday for remotely accessing the clinic's cameras and using obtained video to threaten and extort money from the medical professional.
How the Cyber Extortion Unfolded
According to detailed police reports, the accused had previously worked with a CCTV installation company and personally installed surveillance cameras at the complainant's clinic. Although his employment ended some time ago, the doctor had never changed the default administrative ID and password provided during installation. This critical oversight allowed Saiyed to retain remote access to the clinic's entire surveillance system long after his professional relationship with the establishment had concluded.
The cybercrime came to light when the doctor began receiving alarming WhatsApp messages from an unknown number. These messages contained explicit video clips captured from inside his private clinic cabin, showing the complainant undergoing a body massage session. Accompanying these invasive videos were QR codes for online payment, with the sender threatening to distribute the footage across social media platforms and local community groups unless monetary demands were met.
Escalating Threats and Police Intervention
"We registered a comprehensive cybercrime case after the victim approached us," stated a senior police officer involved in the investigation. "The accused had remotely accessed the CCTV system of the complainant's medical office. When the doctor was receiving a therapeutic body massage, the perpetrator obtained the private video and began systematic threats. His initial demand was for Rs 40,000, of which Rs 5,000 was actually paid through online channels. When further financial demands escalated, the victim courageously approached the Paldi police station."
Initially, the doctor attempted to block the threatening number, but the harassment continued through multiple alternative accounts. Fearing severe reputational damage within both his professional community and personal circles, the medical practitioner reluctantly paid Rs 5,000 via digital payment. However, when subsequent demands became increasingly aggressive, he filed an official complaint, leading to Saiyed's arrest following a thorough investigation.
Broader Pattern of CCTV Security Negligence
During interrogation, Saiyed revealed that after leaving the CCTV installation industry, he had been working as a laborer at a poultry farm. Police investigators noted that the accused resorted to blackmail after his children fell seriously ill, creating urgent financial needs for medical treatment. Despite this personal circumstance, authorities emphasized that exploiting security vulnerabilities for criminal gain remains completely unacceptable.
Investigators highlighted that this case bears striking similarities to previous CCTV hacking incidents across Gujarat, including the notable Rajkot hospital case where sensitive medical facility footage was similarly accessed after installers retained administrative credentials. In both instances, police have consistently flagged fundamental negligence in password management as a major digital vulnerability that criminals continue to exploit.
Police Action and Security Recommendations
The Ahmedabad Police have recovered mobile phones and digital devices used in the commission of the crime and are currently examining whether the accused accessed other locations using identical methods of password exploitation. A formal case has been registered under relevant sections of the Information Technology Act and the Bharatiya Nyaya Sanhita for extortion, criminal intimidation, and various cyber offenses.
This incident serves as a critical reminder for all individuals and businesses utilizing surveillance systems to immediately change default passwords upon installation, implement regular password updates, and maintain strict access controls. Cybersecurity experts emphasize that default credentials represent one of the most common entry points for digital intruders, making basic password hygiene an essential first line of defense against privacy breaches and cyber extortion attempts.
