A total of 72 tweets of Tesla and its CEO Elon Musk were retweeted from the Government Railway Police's (GRP) Twitter handle on Friday after it was allegedly hacked.
On Friday morning, Commissioner of Police (Railways), Quaiser Khalid tweeted, “Dear Mumbaikars, it has come to our notice that @GRPMumbai handle seems to have been hacked. We request you to not pay heed to any free tweets till we update further. The agencies concerned are working on regaining access.”
By the afternoon, the alleged hacker who seems like a fan of the world's richest man had retweeted every possible tweet of Musk's operations including those on SpaceX, where Musk is a chief executive. This incident occurred hours after Musk successfully took over Twitter as its new owner on Thursday.
Meanwhile, Mr Khalid told FPJ, “We have e-mailed Twitter, notifying them about the hacking that occurred in the early hours of Friday (IST). Our priority is to gain access first, while subsequently an offense has been registered and investigations have begun.”
This is not the first such instance at the state and national levels where police and civic accounts and websites were compromised by unknown hackers that caused trouble to the authorities or caused a public nuisance. Previously, the websites of the Thane Police, the Kalyan-Dombivli Municipal Corporation and the Mumbai University were reportedly hacked. At the national level, police accounts of Gujarat, Kerala, and Kanpur (Commissioner of Police) were hacked.
To understand the causes of such frequent hacks, FPJ spoke to advocate Prashant Mali – a cyber-crime expert and privacy lawyer. “There are several personnel involved who operate a single account, be it police or a civic body. When multiple people operate one single account the chances of risks with privacy increase. By turning on two-factor authentication (2FA), the risks can be reduced,” Mr Mali explained.
Twitter account of GRP Mumbai hacked, fleeting tweets of Elon Musk | Screenshot
Mali further said that disciplinary action should be taken against the account handlers as well for gross negligence. “Everyone should be held accountable for their actions while following the guidelines provided by the government with regard to security and privacy,” he said.
2FA: A safer bet?
Two-factor authentication (2FA) is a security process in which users provide two different authentication factors to verify themselves. It is reportedly usually implemented to protect both user's credentials and resources the user can access. 2FA provides a higher level of security than single-factor authentication which is a password or passcode. It is also known that 2FA adds an additional layer of security, making it difficult for attackers to gain access to a person's devices or online accounts.