Unless you have been hiding under a rock, you would have heard about the hacking of Twitter accounts of well-known Indian personalities over the last week or so. It started with Rahul Gandhi's account being hacked on 30 November, followed the next day by the hacking of his party, the Indian National Congress' official account.
The people behind the hackings like to call themselves, Legion. Many believe that the name has been inspired by a hacker group active in the 1990s by the name of Legion of Doom.
Legion has been in the news practically every day. Last week the group took control of the UB Group Chairman, Vijay Mallya's account and posted a partial dump of his account details, passport, property listings and more. The next day, NDTV journalists Barkha Dutt and Ravish Kumar were at the receiving end.
The Washington Post had a chat with one of the Legion hackers on a secure messenger. The chat that took place before Saturday's hacks reveals that the hacker had planned the timing of the NDTV hacking.
The Washington Post report suggests that the group has a hold over more than 40,000 servers in India. They are now scraping through the data to find interesting content and dumps. Many servers have given them access to the Twitter accounts.
In the chats, the group has consistently maintained that it has no political agenda. Legion has also cited out the poor online security habits of some of its victims. It pointed out, for instance, that Mallya kept his bank login details as notes in emails in an unencrypted form.
The group indicated in its last hack that it was gunning for the former Indian Premier League chief, Lalit Modi, next. Legion also claimed that it had control over the servers of Apollo Hospitals, the biggest medicare chain in the country. However it is hesitant to release the data as it could wreak havoc among the hospital's current and former patients.
The Washington Post chat also reveals that drugs and electronic music are among Legion members' passions and Russia is their preferred place of domicile from where they carry out their activities. The group uses an email service called Sigaint that is hosted in the so-called dark web that provides users anonymity.