“Do you think we are that stupid?” was the first reaction that came from a source in the Congress IT cell, when asked why wasn’t the passwords of all INC handles changed after the first hack.

While social media is going crazy over the attack, very few know what exactly happened. Some have suggested that this is an internal job of a disgruntled employee. Some have insinuated that someone sympathetic to BJP is behind this. BJP supporters have claimed that this is a publicity stunt. Their excuse: perfect English of the hacker. (BJP supporters presume that only Congress men and women perfect the Oxbridge accent :D)

Who is the hacker? We don’t know. However, what we know from the reliable source, is the modus operandi – how exactly were both the twitter handles hacked.

First the sequence of events.

Last night, around 8:40 pm, the Twitter handle of Congress Vice President Rahul Gandhi was hacked. The hacker put out racist as well as homophobic content on the timeline of @officeofRG.

The IT cell immediately tried to delete the tweets and changed the passwords. Some noticed that fresh abusive tweets were appearing even as old abusive tweets were being deleted. Some of us were curious as to why would the IT cell of INC not immediately change the password. The simple answer is they did. Not just the hacked handle of @officeofRG, which is handled by Gandhi’s office in Tuglaq Road, the IT cell which operates from Rakabganj Road, also changed the passwords of all major INC Twitter handles and Facebook pages.

But still next morning, another hack took place. This time, it was the official Twitter handle of Indian National Congress on Thursday morning. The hacker, who claimed to have no political affiliation or intention, promised to do an email dump on Congress (sounds familiar to the Democratic party email hacking in the US) And there’s where the clue was. The entire email server of INC.in as well as its website has been hacked!

This is how it works. Twitter handles and Facebook pages were created with email Ids on Inc.in domain. Once the hacker accessed the domain and email ID, he or she could constantly reset the passwords of all social media platform irrespective of how many times you change the passwords.

Inc.in has been taken down. The IT cell is currently working on how to fortify and reset its existing digital assets.

Congress’ reaction

Congress representatives have lodged a complaint with Delhi Police. Whether the investigation includes the email hack is still not known. Congress officials have also the IT department officials of the government.

Meanwhile, Congress spokesperson Sanjay Jha told InUth.com: “What we are witnessing is a digital bloodbath unleashed by the troll army of the bigoted Right. If @officeofRG and @INCIndia accounts can be repeatedly hacked, it means no one is safe. No one. This is an organized racket led by unscrupulous techies available to the highest bidders. It is disturbing; but in a fascist environment, not so unsurprising. A cause for serious concern.”