Bollywood actress Pooja Bedi was shocked when she found out on 29 September that her e-commerce website Happy Soul had been hacked.
Talking to Sputnik, Pooja shared that she received an email from the attacker stating that her website has been hacked and she was given 24 hours to pay a ransom.
“Please make the payment else I will report your data breach to GDPR (General Data Protection Regulation) and they will make a huge fine on you. Also, I will make these database public so anyone can use these password and check your user information and financial data,” she said while sharing the email’s details.
Feeling devastated, Pooja told Sputnik the attackers demanded 0.2 Bitcoin which is around $2,135 “to get my website back”.
“They also threatened me that if I don’t pay them within 24 hours, they will start selling drugs on my site. They put up a picture of a dancing dog and also made my files available for sale. I feel violated and robbed of all my two years of hard work and faced a huge monetary loss,” the actress said.
Ransomware is malicious software that infects a computer or website and takes unauthorised control of it by sending malicious links or attachments. The attacker then displays messages demanding a fee to be paid in order for the system to work again.
Not sure of what to do immediately, Pooja approached the website aggregator platform (name withheld) from where she got her website registered. But she said, they didn’t get any help in recovering her site and database.
Dear @GoDaddyHelp your team is NOT cooperating with our team for my hacked e-commerce website https://t.co/zjGS86eyQX— Pooja Bedi (@poojabeditweets) October 5, 2020
Despite my deluxe security on your server & SSL the hacker hacked AGAIN yesterday made ransom demands threatening 2 sell my data& sell DRUGS on my site@GoDaddy
“I felt so helpless and angry at them because they so easily said that they can’t help in this. I had paid extra for server backup and firewall and now they easily said that they couldn’t do anything. People create their business dreams on their platforms, invest millions and in just a fraction of second, everything snatched away from you,” Pooja told Sputnik on Monday evening.
The actress has filed a police complaint with the Cyber Cell of the Goa Police. But, she adds: “For one week, no action was taken by them. It was very annoying as they kept giving false hope. I simultaneously reached out to a software engineer and cyber expert who managed to get my old database recovered but it again got hacked on Sunday night.”
She took to Twitter on Monday and tagged Goa State Chief Pramod Sawant and Director General of Police (DGP) Mukesh Kumar Meena to intervene in the matter.
Dear @DGP_Goa my ecommerce website https://t.co/zjGS86eyQX HACKED AGAIN last night & this time they state if i don't pay ransom they will sell DRUGS on my website. I have registered FIR in old goa police cyber cell last week but no action from cops.— Pooja Bedi (@poojabeditweets) October 5, 2020
My company regd in Goa @goacm pic.twitter.com/X6UZQmASkZ
“They have now taken action, but they are still not able to ensure if they can get everything recovered and nab the culprit. In the dark web, you don’t know who that person is and how safe your online store is,” Pooja stated.
India’s noted cybercrime expert Pavan Duggal told Sputnik that according to The State of Ransomware in 2020 by Blackfog.com:
“Every 11-second, one company is becoming a victim of ransomware worldwide and making millions of dollars of damage. In a situation like this, it is never a good idea to give the ransom money because you will never be sure if you’ll get your website and database back.”
The best way to tackle such a situation is "just retrieve the database and wipe out the website. We’ve to adopt more cyber hygiene method as part of our day-to-day lives such as take back-ups every 15 days and give up the temptation of clicking a link or opening an attachment from a source we don’t know. We also need strict laws to combat this rampant problem,” Duggal added.