What is the Hawk Eye crime reporting app?

The Hawk Eye crime reporting app is launched by the Telangana State Police to enable users to report crimes. It is designed to assist in law enforcement and public safety.

Who launched the Hawk Eye crime reporting app?

The Hawk Eye crime reporting app was launched by the Telangana State Police, which is headquartered in Hyderabad and is the primary law enforcement agency for the state of Telangana, India.

What happened to the Hawk Eye crime reporting app?

The Hawk Eye crime reporting app was reportedly breached, exposing personally identifiable information (PII) of its users.

What types of information were compromised in the breach?

The compromised data includes names, email addresses, phone numbers, physical addresses, IMEI numbers, location coordinates, SOS records, incident reports, and travel detail records.

What was the cause of the breach?

The breach has been attributed to the app’s failure to update its security measures. Sources suggested it was due to a hard-coded password in the app that allowed direct access to their APIs.

Incident

Telangana State Police App reportedly breached, PII data of users leaked

Q: Where was the breach reported?

The breach was reported on BreachForums, a black-hat hacking forum, on May 29 by a user named “Adm1nFr1end” who provided sample records as proof of the breach.

published: June 3, 2024

Learn More

The Hawk Eye crime reporting app, launched by the Telangana State Police, has reportedly been breached, exposing personally identifiable information (PII) of its users. The Telangana State Police, headquartered in Hyderabad, is the primary law enforcement agency for the state of Telangana, India.

The data breach affected 130,000 women who had filed SOS requests, exposing their location and other personal details. Incident reports included sensitive complaints, such as one filed by a woman against a man for harassment after promising to marry her.

The breach is claimed breach was reported on BreachForums, a black-hat hacking forum, on May 29 by a user named “Adm1nFr1end.” The hacker provided sample records as proof of the breach.

The compromised data includes:

Names
Email addresses
Phone numbers
Physical addresses
IMEI numbers
Location coordinates
SOS records (130,000)
Incident reports (70,000)
Travel detail records (20,000)

The breach has been attributed to the app’s failure to update its security measures. Sources within the Telangana Police confirmed the breach, which cybersecurity researcher Srinivas Kodali suggested was due to a hard-coded password in the app that allowed direct access to their APIs.

Update - as of 9th of June 2024, the Telangana Cyber Security Bureau (TGCSB) has apprehended Jatin Kumar, a 20-year-old student from Greater Noida, for hacking into the ‘Hawkeye’ mobile application. Jatin, who resides in Jhansi, Uttar Pradesh, posted details of the breach on databreachforum.st and attempted to sell the data for $150. He provided Telegram IDs ‘Adm1nfr1end’ and ‘Adm1nfr1ends’ for buyers interested in data from the Hawkeye and TSCOP applications, respectively.

He was arrested and will be brought to Hyderabad on a transit remand. Jatin has a history of cybercrimes, having been previously arrested by a special cell of Dwarka police station in New Delhi (Case 201 of 2023) for leaking Aadhaar card data and other sensitive information.

Telangana State Police App reportedly breached, PII data of users leaked

Read More
National Telecommunication Monitoring Center leaks data of Bangladeshi …
City of Helsinki reports data breach of its …
City of St. Joseph, Missouri hit by ransomware …
Liberty Township, Ohio reports ransomware attack
Somerset County Children and Youth Services reports cyberattack, …