Cyber Incident Victim: Bruhat Bengaluru Mahanagara Palike Commissioner

On June 4, 2021, Bruhat Bengaluru Mahanagara Palike (BBMP) Chief Commissioner Gaurav Gupta’s official Twitter account was compromised by hackers who posted cryptocurrency-related messages. The attackers first renamed the account from ‘Gaurav Gupta’ to ‘TSLA’ before altering the display name to a single hyphen (‘-’). They published tweets promoting a fraudulent bitcoin giveaway, instructing users to retweet the message and visit a suspicious link (www.TESLABIG.com) to participate in a purported distribution of 5,000 BTC. The hackers also commented on a tweet by Tesla CEO Elon Musk from the compromised account, though these interactions were later deleted. BBMP officials confirmed the breach and collaborated with cybercrime police to restore access, successfully recovering the account by 7pm the same day. Following account restoration, Gupta publicly stated that steps had been implemented to prevent future incidents while reaffirming his commitment to citizen engagement on civic matters.

The compromised account, followed by 120,000 users, served as a critical communication channel between Bengaluru’s administration and residents, particularly for civic grievances and COVID-19 updates. This breach exposed followers to financial scams through the fraudulent cryptocurrency scheme. Historical context revealed vulnerabilities in Bengaluru’s official accounts, including a September 2019 incident where six traffic police Twitter accounts were hacked due to weak passwords. In August 2019, the state government’s e-procurement portal was breached, resulting in the diversion of over ₹1 crore to unauthorized accounts. The BBMP incident highlighted recurring cybersecurity challenges facing Bengaluru’s administrative infrastructure, though no financial losses or data breaches were explicitly linked to this specific Twitter compromise. Authorities did not disclose technical details about the attack vector or identity of the perpetrators.