Legion hacker claims email leak of 74,000 chartered accountants
16 Dec 2016
An 18-year-old Indian has shared with The Times of India, a list of what he claimed were email addresses and passwords of nearly 74,000 chartered accountants. The young hacker is part of Legion, the hacker group that had got India's attention after several high-profile email and Twitter hacks, and a number of extensive data dumps.
On Wednesday evening, he shared with TOI a list of what he claimed were addresses and passwords of nearly 74,000 chartered accountants in the country.
Over an encrypted text chat, he further claimed to have compromised the accounts of former IPL chairman Lalit Modi, and the sansad.nic.in domain though the data was to yet to be dumped. Issuing a veiled threat, he also said Delhi Police needed to strengthen their own passwords instead of trying to catch them.
"We have dumpz (sic) from all the major institutions...all the major banks and passwords...of all da chartered accountants in INDIA. And those that had the same pw on Dropbox? Too bad, they got owned (compromised) and all the dox were dumped. The people they work for? Too bad for them too. Raw data brings chaos," the hacker said, sharing a link to the email and password list.
He added that the group would release more raw data without sifting through it.
Legion's exploits are a wake-up call for transforming digital India and alarm bells were ringing loud and clear in three domains. The first bell was clearly for India's law enforcement institutions as this was not the first time that the security establishment had been caught deer-like.
The second bell was meant for organisations and institutions using digital payment gateways.
An the third bell was for us, "as a collective and as an emerging community of digital natives."