MUST READ

Chrome sandbox escape nets security researcher $250,000 reward

 | 

Smart Buses flaws expose vehicles to tracking, control, and spying

 | 

MedusaLocker ransomware group is looking for pentesters

 | 

Google confirms Salesforce CRM breach, faces extortion threat

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 57

 | 

Security Affairs newsletter Round 536 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Embargo Ransomware nets $34.2M in crypto since April 2024

 | 

Germany limits police spyware use to serious crimes

 | 

Phishing attacks exploit WinRAR flaw CVE-2025-8088 to install RomCom

 | 

French firm Bouygues Telecom suffered a data breach impacting 6.4M customers

 | 

Columbia University data breach impacted 868,969 people

 | 

SonicWall dismisses zero-day fears after Ransomware probe

 | 

Air France and KLM disclosed data breaches following the hack of a third-party platform

 | 

CISA, Microsoft warn of critical Exchange hybrid flaw CVE-2025-53786

 | 

Microsoft unveils Project Ire: AI that autonomously detects malware

 | 

CERT-UA warns of UAC-0099 phishing attacks targeting Ukraine’s defense sector

 | 

Over 100 Dell models exposed to critical ControlVault3 firmware bugs

 | 

How CTEM Boosts Visibility and Shrinks Attack Surfaces in Hybrid and Cloud Environments

 | 

WhatsApp cracks down on 6.8M scam accounts in global takedown

 | 

Trend Micro fixes two actively exploited Apex One RCE flaws

 | 

Eastern India Regional Council hacked by Kapustkiy

Pierluigi Paganini November 20, 2016

Kapustkiy, one of the most prolific hackers at this moment announced a new data breach, the victim is the India Regional Council.

Last week, I was contacted by a young hacker that breached Indian embassies across the worlds, he goes online with the moniker Kapustkiy.

Kapustkiy is a seventeen years old pentester that is targeting organizations and embassies across the world. Recently he breached the ‘Dipartimento della Funzione Pubblica’ Office of the Italian Government, the Paraguay Embassy of Taiwan (www.embapartwroc.com.tw), and a few days ago the hacker and his friend Kasimierz (@Kasimierz_) hacked the Indian Embassies in Switzerland, Mali, Romania, Italy, Malawi, and LibyaKapustkiy and his friend Kasimierz (@Kasimierz_).

He also targeted Universities, including two subdomains of Virginia University & Sub domain of University of Wisconsin (http://pastebin.com/i1wmM5D1 ) and another embassy, the Indian Embassy in New York (http://pastebin.com/Akm9x4dD )

The Indian authorities have issued a public statement to thank the young hacker for exposing the vulnerabilities in their websites.

“Thank you for your advice,” said Sanjay Kumar Verma, Joint Secretary, eGovernance and Information Technology. “We are fixing codes one by one. Your help in probing websites of various Indian embassies is a great help.”

This time the young hacker breached the database at the Eastern India Regional Council and leaked online a small portion of the archive composed of 17,000 users. Kapustkiy leaked an excel file containing more than 2000 user records as proof of the breach.

India Regional Council breach

 

The records in the database of Eastern India Regional Council contain many attributes, including membership numbers, usernames, passwords, email addresses, registration numbers.

Kapustkiy used some web scanners to find several vulnerabilities in the target website and a simple SQL Injection tool to exploit the flaw he discovered. The hacker tried to contact the organization but they seem to ignore emails.

Once again Kapustkiy is inviting website administrators to pay attention to the security of their infrastructure.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Kapustkiy,  India Regional Council)

data breach Hacking Hacktivism India Regional Council Kapustkiy

you might also like

Pierluigi Paganini August 11, 2025
Chrome sandbox escape nets security researcher $250,000 reward
Read more
Pierluigi Paganini August 11, 2025
Smart Buses flaws expose vehicles to tracking, control, and spying
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Chrome sandbox escape nets security researcher $250,000 reward

Hacking / August 11, 2025

Smart Buses flaws expose vehicles to tracking, control, and spying

Hacking / August 11, 2025

MedusaLocker ransomware group is looking for pentesters

Hacking / August 11, 2025

Google confirms Salesforce CRM breach, faces extortion threat

Data Breach / August 10, 2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 57

Breaking News / August 10, 2025