Kerala Cyber Hackers

The organisation known as Kerala Cyber Hackers is a hacker collective based in India. Its primary activity consists of gaining unauthorized access to computer systems. These intrusions are typically carried out to convey political or social messages. The group’s actions are not motivated by financial gain but by a desire to highlight perceived shortcomings in public services. This characterization is drawn from the only publicly documented operation attributed to them.

A distinguishing attribute of the group is its focus on protest‑motivated attacks that aim to expose inadequacies in healthcare provisions. They have demonstrated the ability to compromise a target system in under ten minutes, indicating a high level of technical efficiency. Rather than selling or leaking the obtained data, they often share screenshots as proof of intrusion while publicly stating they will not release the information. This approach serves to pressure authorities without triggering the legal consequences associated with data dissemination. The method underscores a specialization in using cyber intrusions as a form of advocacy rather than conventional cybercrime.

On June 27, 2020, the group breached a government health database containing COVID‑19 patient records. The compromised data included names, ages, addresses, and test results for approximately eighty thousand individuals. The intrusion was carried out to protest the alleged shortage of personal protective equipment and poor working conditions faced by healthcare staff during the pandemic. After accessing the system, the attackers posted screenshots of the records to demonstrate the breach but asserted they would not publicly leak the data. At the time the incident was reported, government authorities had not issued a formal response or statement regarding the intrusion. The event drew attention to weaknesses in the storage and protection of citizens’ health information within Indian governmental systems. It also contributed to ongoing debates about the adequacy of cybersecurity measures for sensitive public‑sector databases. Consequently, the breach is frequently cited as an example of how hacktivist actions can reveal systemic vulnerabilities without resulting in data misuse.