AHMEDABAD: A single default password – “admin123” – was all it took to unlock a nationwide nightmare. What started at Payal Maternity Hospital in Rajkot as a case of careless digital housekeeping spiralled into one among India’s most annoying cyber scandals. Hackers breached the hospital’s CCTV system by means of its default admin login, stole hours of intimate footage of ladies being examined within the gynaecology ward, and fed it into a world porn fetish community for revenue. The entry logs spanned almost a 12 months, from Jan 2024 by means of early Dec 2024, till the perpetrators had been arrested this Feb. The hackers had been in a position to steal at the very least 50,000 clips over 9 months from throughout the nation.
Investigators: 80 CCTV dashboards compromised The rip-off got here to gentle after teaser clips from the Rajkot facility had been posted on-line on YouTube channels like “Megha Mbbs” and “cp monda”. Clients had been led to Telegram teams to purchase the footage, for something between Rs 700 and Rs 4,000. Investigators discovered about “80 CCTV dashboards compromised nationwide, together with in Pune, Mumbai, Nashik, Surat, Ahmedabad, and Delhi”. The victims ranged throughout 20 states, spanning hospitals, colleges, company homes, cinema halls, factories, and even personal residences. Regardless of the first arrests being made earlier in 2025, investigators discovered that these illegally obtained clips had been nonetheless accessible on Telegram teams till at the very least June.Investigators discovered that many of those CCTV techniques nonetheless used factory-set passwords like “admin123”. An Ahmedabad cybercrime department officer informed TOI: “The first methodology used was a ‘brute power assault’ (hackers utilizing a program or bot to attempt each attainable mixture of letters and numbers for a lock).” Parit Dhameliya, the lead hacker within the operation, a BCom graduate, employed three totally different software program packages to attain this. With stolen credentials, one other accused, Rohit Sisodiya – who was later arrested in Delhi and used a diploma in medical laboratory expertise as a canopy – used a device meant for official distant viewing to enter stolen login particulars and acquire unauthorised entry to the hospital’s cameras.