PathLegal, a well-known online legal service provider in India, has experienced a significant data breach that has exposed sensitive information belonging to approximately 127,000 legal professionals and students. The alleged cyber attack, carried out by the Hacktivist Indonesia cybercriminal group, was part of their larger campaign called “OpIndia.” PathLegal, which has a vast network of over 10,000 legal professionals, has remained accessible despite the suspected breach. However, the company has not yet released an official statement acknowledging or addressing the alleged breach.
According to Hacktivist Indonesia, they were able to exfiltrate 127,000 databases of lawyers through the cyber attack on PathLegal. The hacked database also contained student information. Falcon Feeds, a Threat Intelligence platform, posted a screenshot from the hackers’ Telegram channel, confirming their involvement in the breach. They described the breach as part of the Hacktivist Indonesia’s OpIndia campaign.
Prior to the G20 Summit 2023, several hacktivist groups from Indonesia took to Twitter to post threats against Indian websites and vowed to disrupt India’s digital infrastructure. The Jambi Cyber Team, an Indonesian hacktivist group, used their Twitter channel to publicly release records of registrants with photo IDs from educational institutions and government websites. However, their Twitter account has now been suspended. The G20 Summit 2023 was a significant global meeting attended by over 19 countries, along with the European Union, to discuss international agendas. During this time, hacktivists, including the Ketapang Grey Hat Team, Hacktivist Indonesia, Jambi Blackhat, Warrior Garuda Crime, and Karawang Cyber Team, launched defacement attacks on Indian organization websites.
In response to the continuous targeting of India by hackers, an Indian hacktivist collective known as the “Indian Cyber Punk” issued a stern warning through a Telegram message. They stated their intention to retaliate with cyber attacks on critical Indonesian infrastructure. Their operation was named “#Oppayback_id” and was specifically aimed at addressing the ongoing cyber threats. Several other groups, including TEAM_ANON_101, TEAM_UCC, TEAM_ICP, Anonymous IndiaIndia, UnknownCyberCult, and Indian_Cyber_Punk, have shown support for the Indian hackers involved in this cyber conflict.
Another hacktivist group known as “Fr3dens of Security” has identified India’s Ministry of Information and Broadcasting (MIB) as a potential future target. The MIB is responsible for overseeing regulations and laws related to press, cinema, and other related domains. The group has now focused its attention on the MIB and created a new Telegram channel to communicate their plans.
In retaliation for the attacks on Indian digital infrastructure, Falcon Feeds tweeted the names of Indonesian websites that were targeted by a group called Team NWH Security. These websites included bali-airport.com/en, jakartaairportonline.com, and indonesiaairport.com. Falcon Feeds also provided checkhost links to verify the status of the websites after the alleged cyber attacks. Additionally, Indonesia’s computer emergency response team website was allegedly hacked by Team NWH Security.
Other hacktivist groups, such as Team Insane Pakistan, have also joined the cyber conflict. They posted a checkhost link to the Directorate General of Foreign Trade (DGFT) website of India, which was inaccessible at the time of writing. The Mumbai Police website was also mentioned on the Telegram channel of Team Insane pk as a potential target.
It is important to note that this report is based on internal and external research obtained through various sources, and the information provided is for reference purposes only. Users are responsible for their reliance on this information, and The Cyber Express assumes no liability for the accuracy or consequences of using it.
Overall, the cyber conflict between Indonesian and Indian hacktivist groups continues to escalate, putting sensitive information and critical infrastructure at risk. The authorities in both countries will need to work together to address these cyber threats and ensure the security of their digital networks.