Hackers steal 50,000 CCTV clips from schools, hospitals, sell on porn sites

A shocking cybercrime has shaken India’s digital security landscape, with hackers stealing at least 50,000 CCTV clips over nine months from facilities across the country and selling them online for between Rs 700 and Rs 4,000 per clip, feeding them into an international porn fetish network for profit, according to a Times of India report.

Police revealed that 80 CCTV dashboards had been compromised, spanning hospitals, schools, corporate offices, factories, cinema halls, and even private residences in cities such as Pune, Mumbai, Nashik, Surat, Ahmedabad, Delhi, and others.

Hospital CCTV breach

The scam came to light when teaser clips from Rajkot’s Payal Maternity Hospital surfaced on YouTube channels like “Megha Mbbs” and “cp monda”, leading viewers to Telegram groups where the stolen footage was sold.

Also Read: Cybercrimes against children: Karnataka to implement TN-style SOP

Officials stated that the breaches were made possible by default passwords such as “admin123”, enabling hackers to carry out automated attacks and harvest large quantities of sensitive footage.

Although the primary arrests were made earlier in 2025, investigators discovered that the illegally-obtained clips were still circulating on Telegram groups as late as June.

Default admin password left systems exposed

Police also noted that many CCTV systems continued to use factory-set passwords like “admin123”, which had not been changed during installation.

This allowed hackers to launch a highly-automated assault. An officer from Ahmedabad’s cybercrime branch told TOI, “The primary method used was a ‘brute force attack’ - hackers using a programme or bot to try every possible combination of letters and numbers for a lock.”

Also Read: Cybercrime cases jumped 141 per cent from 2018 to 2022: Home Ministry informs Lok Sabha

An Ahmedabad cyber officer admitted, “This wasn’t high-tech hacking; it was sheer carelessness. Default passwords and outdated firewalls made it easy.”

One investigator remarked, “We talk about AI and quantum computing, yet our hospitals still run on admin123.”

Three different software used for hacking

Parit Dhameliya, the lead hacker, a B.Com graduate, reportedly employed three different software programmes to execute the operation.

“First, Dhameliya used a website called suIP.biz to obtain the IP addresses (the unique online locations) of cameras in Gujarat. These IPs were then fed into a software called ‘Masscan’, which quickly scanned for open ports — the digital gateways that allow remote access.”

Next, the attackers deployed a specialised hacking tool called "SWC software", capable of revealing a camera’s ID, password, and IP address once compromised.

Also Read: Cybercrimes may rob Indian entities of Rs 20,000 Cr in 2025: Intel firm

Using these stolen credentials, another accused, Rohit Sisodiya, who was later arrested in Delhi and who had posed as a medical laboratory technology diploma holder, accessed the hospital’s cameras via the DMSS application, a legitimate remote-viewing tool.

International infrastructure to mask location

An officer added, “Access to this sensitive footage cost around Rs 700 per person, though the most sought-after voyeuristic clips fetched up to Rs 4,000. Praj Patil, a NEET aspirant, acted as the financial facilitator, providing his mobile number and bank account to collect subscription payments.”

To mask their locations, the hackers reportedly relied heavily on international infrastructure, routing their activities through virtual private networks (VPNs) that made them appear to be operating from cities such as Bucharest in Romania and New York in the US.

The large-scale unauthorised access, exceeding 11,000 successful external sessions, was meticulously tracked through log files spanning January 2024 to December 2024.

The core members of the scam and Prajwal Teli, Praj Patil, and Chandraprakash Phoolchand, were arrested within 39 hours of the FIR being registered. The suspects have been charged under multiple sections of the Bharatiya Nyaya Sanhita (BNS) and the IT Act, including cyberterrorism.