Russian Hackers Breach Nepal’s ‘Hello Sarkar’ Website, Sensitive Data Leaked on Dark Web

KATHMANDU: In a shocking cybersecurity breach, the official website of Nepal’s “Hello Sarkar,” operated under the Office of the Prime Minister and Council of Ministers, has been hacked by a Russian hacker group known as “Ghudra.” The group, which claims affiliation with “Fancy Bear APT 28” and ties to Russian military intelligence, has taken control of the site and is now selling sensitive data stolen from it on the dark web.

Sensitive Data Up for Sale

The hackers have listed the entire database of the Hello Sarkar website for $1,000, with an additional option for “live cell access” priced at $1,300. The leaked data includes highly sensitive personally identifiable information (PII) of Nepali citizens: names, email addresses, usernames, mobile numbers, passwords, device IDs, photos, office IDs, and addresses in Nepali. The group has also shared a screenshot of the website’s file manager interface, revealing options for security details, file access, console, database management, and PHP settings. The screenshot shows a server with 49.98 GB of storage, of which 8.32 GB remains unused.

In a statement posted alongside the leak, the hackers claimed, “The Nepal government refused to communicate with us, leaving us no choice but to sell this security data.” The breach has raised alarm bells about the vulnerability of government systems and the potential misuse of citizens’ private information.

Government Responds Swiftly

Joint Secretary Prem Kumar Shrestha, responsible for overseeing the Hello Sarkar website, confirmed the breach to Onlinekhabar. “I just found out about the hack. As soon as I was informed, I deployed technical staff to recover and maintain the website. It should be restored within a few hours,” he said. The government has scrambled to mitigate the damage, but the incident has exposed significant weaknesses in its digital infrastructure.

Cybersecurity Expert Warns of Consequences

Cybersecurity expert Ribash Neupane warned that the breach could have far-reaching implications for Nepal’s digital security. “When hackers steal sensitive data like this—essentially citizens’ digital assets—it puts everything at risk. They can sell it on the dark web for profit,” he explained. Neupane outlined three major potential impacts:

Privacy Breaches and Identity Theft

Hackers could exploit stolen data (names, emails, and phone numbers) for phishing attacks or identity theft, posing a direct threat to citizens. Government employees with official IDs could also face heightened security risks.

Exploitation of Government Systems

The breach could allow hackers to misuse government infrastructure, potentially creating parallel systems to manipulate or disrupt operations from within.

Damage to Political Reputations

Neupane cautioned that hackers could use the data to tarnish the reputations of prominent political leaders by spreading misinformation. “They could portray leaders as state rebels, severely damaging their careers and public trust,” he added.

Who Are the Hackers?

The “Ghudra” group identifies itself as part of Fancy Bear APT 28, a notorious hacking collective linked to Russian military intelligence. Known for high-profile cyberattacks globally, Fancy Bear has a history of targeting government institutions. Their involvement in this breach suggests a sophisticated operation, amplifying concerns about Nepal’s ability to defend against such threats.

Broader Implications for Nepal

The hacking of Hello Sarkar—a platform designed to address public grievances—underscores the growing cybersecurity challenges facing Nepal. With sensitive citizen data now circulating on the dark web, the government faces pressure to not only recover the website but also safeguard against further breaches. The incident could erode public trust in digital governance initiatives at a time when Nepal is increasingly digitizing its services.

As the technical team works to restore the site, questions remain about how the hackers gained access and what measures will be taken to prevent future attacks. For now, the leaked data poses an immediate risk to citizens and officials alike, while the government races to contain the fallout from this unprecedented cyber assault.

Fiscal Nepal | Thursday March 27, 2025, 11:52:34 AM

