Cyber Incident Victim: Azad Kashmir Government Portal

In early September 2014, the Azad Jammu and Kashmir government portal suffered a cyber intrusion conducted by the Pak Cyber Eaglez (PCE) hacker collective. The attackers compromised the entire multi-departmental portal, which provided access to services for the police, law, finance, health, industry, social welfare, schools, and tourism sectors. Hackers defaced multiple pages within the portal, including the Police Department’s section, altering content with visible disruptions such as images referencing pop culture figures to signal unauthorized changes. During the breach, PCE extracted the portal’s user database containing login credentials, though only email addresses and password hashes were obtained due to the absence of plaintext password storage. The compromised credentials were subsequently published on Pastebin, an anonymous document-sharing platform. The attack was executed as a protest against perceived government brutality, with the defacements and data leak occurring earlier in the week prior to public disclosure on September 5.

Authorities responded by suspending all access to the compromised portal to contain the breach, resulting in widespread service disruptions. Affected pages displayed “under maintenance” notifications or 404 errors during the restoration process. Technical teams worked to remove defaced content and restore original functionality across all departmental sections. The incident exposed sensitive authentication data, creating potential risks for credential misuse despite the hashed nature of the passwords. No additional attacker motives or further exploitation beyond the defacement and credential dump were documented in available reports. Service recovery efforts remained ongoing at the time of reporting, with no specified timeline for full restoration.