In a concerning cybersecurity incident, the official websites of the Cyberabad and Rachakonda police commissionerates in Hyderabad were targeted by unidentified hackers. This attack comes just days after a similar breach on the Telangana High Court's official portal, highlighting a worrying pattern.
Websites Forced Offline Following Security Breach
For nearly a week, users attempting to access www.cyberabadpolice.gov.in and www.rachakondapolice.telangana.gov.in were met with errors stating the site could not be reached or had a bad gateway issue. While officials initially cited maintenance and network problems, a senior police source confirmed to TOI that both sites were indeed attacked.
The modus operandi was identical to the high court hack that occurred on November 13. When users clicked on certain downloadable PDF files, they were automatically redirected to an online betting portal named BDG SLOT. To prevent visitors from landing on this unauthorized betting page, the police websites were taken offline completely.
Security Audit Underway to Plug Vulnerabilities
Following the high court breach, where a registrar filed a formal complaint with Hyderabad cyber crime police, top police officials directed the National Informatics Centre (NIC) to audit all police websites under its control. This audit revealed similar security loopholes in the Cyberabad and Rachakonda portals.
A Delhi-based cyber security firm has now been entrusted with the task of auditing the two compromised police sites and fixing the vulnerabilities, all under the supervision of NIC. The firm is working to identify the weak points that allowed the hackers to tamper with the sites.
A senior official stated, "Once the issues are resolved, the sites will likely go live in a couple of days." A case regarding the high court hack has been registered under relevant sections of the BNS, IT Act, and Gaming Act, but no arrests have been made so far.
A Pattern of Attacks on Government Portals
This series of attacks exposes significant vulnerabilities in government-managed web infrastructure. The fact that the same redirect tactic was used across multiple high-profile sites—the high court and two major police commissionerates—suggests a coordinated effort by the threat actors.
The incidents have raised serious questions about the cybersecurity protocols for essential public service websites maintained by government bodies. The ongoing audit is a critical step, but it underscores the urgent need for proactive and robust digital security measures to protect sensitive public portals from such disruptive and malicious attacks.
