Cyber Incident Victim: Passport Office Kolkata
Date:
Oct 2015
Location:
India
Summary
The official website of the Passport Office Kolkata was compromised by a Pakistani hacker group identifying as "Team Pak Cyber Experts," who defaced the site with a retaliatory message. The attackers cited repeated cyber intrusions by Indian hackers against Islamic and Pakistani government sites as motivation, warning of escalated cyber operations if such activities continued. The defacement included threats to target Indian digital infrastructure more aggressively, emphasizing the vulnerability of the victim's systems and asserting Pakistani cyber capabilities. No specific data breach or operational disruption beyond the public-facing defacement was detailed in the provided information.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On October 24, 2015, the official website of the Passport Office Kolkata (http://passportofficekolkata.in/) was compromised by a group identifying itself as "Team Pak Cyber Experts." The attackers replaced the website's content with a defacement message written in Spanish and English, claiming the intrusion was retaliation against Indian hackers for allegedly targeting Islamic religious sites and Pakistani government web portals. The message accused "Indian cyber devils" and "n00bras teams" of persistent attacks on Pakistan's cyber space, specifically citing the abuse of Islam on hacked platforms as the primary provocation. The hackers issued an ultimatum demanding Indian hackers cease these activities, threatening escalated cyber warfare if their warnings were ignored. They boasted about their capability to re-enter compromised systems, explicitly mentioning vulnerabilities in cPanel, domain administration, and admin panels. The message concluded with a taunt about the comparative vulnerability of Indian cyber infrastructure and a disproportionate retaliation pledge: "You will hack 1 we will hack thousands." No data theft, malware deployment, or system disruption beyond the defacement was explicitly claimed or described in the available source material.
The incident represented a direct attack on a critical Indian government service, potentially disrupting passport-related information access for citizens in Kolkata. The attackers framed their actions as defensive, asserting Pakistani hackers were "always ready and alert to defend the cyber space of Pakistan." No response actions by the Passport Office Kolkata or Indian cybersecurity authorities were detailed in the source material, though the article noted Indian officials faced jurisdictional challenges in pursuing the hackers due to their presumed location in Pakistan. The defacement message did not include explicit contact points for negotiation, though the article ambiguously referenced an unspecified email or Facebook Page URL provided by the hackers. The attack amplified tensions in ongoing India-Pakistan cyber conflicts, with the hackers positioning the breach as a "pay back" for previous intrusions against Pakistani sites. Operational consequences beyond reputational damage and temporary service unavailability were not documented in the available evidence.