A phone number belonging to Niti Aayog vice chairman Ashok Kumar Lahiri was allegedly hacked on Thursday evening, he claimed in a Facebook post the same day. He claimed the hacker used the number to send WhatsApp messages to multiple people seeking money requests.
Lahiri is supposed to assume office on Friday.
“Just to inform everyone that my personal phone number has been hacked. If I get anyone asking money, sending phonepe/google pay number or any other financial help message from this number, please don’t trust anyone and make any money transactions. This is totally fake and deceptive act. Be careful and let others know. Thank you,” he wrote, in a loose translation from Bengali, on Facebook.
In a screenshot of a WhatsApp conversation uploaded by Lahiri, and separate screenshots viewed by HT, it appears that a person posing as Lahiri is urgently asking for money. The person says they need ₹56,000 and that their Unified Payments Interface (UPI) service isn’t working. They also promise to return the money within two hours.
At the same time, the recipient repeatedly tries to call Lahiri through WhatsApp but these calls go unanswered. The sender continues messaging in text instead of speaking on call, eventually asking “what happened” after sharing a payment number, which does not belong to Lahiri.
The exchange has the appearance often seen in hacked accounts or impersonation scams. Access is usually obtained through OTP theft, phishing links or SIM swapping attacks linked to the victim’s phone number.
An official at Department of Telecommunication (DoT) said the first line of defence for such cases is to report on the Cybercrime portal simultaneously with the Whatsapp web portal. Usually WhatsApp takes cognisance and restores account within six to seven hours.
However, the official added that one thing which remains absent in WhatsApp’s security feature is multi-factor authentication.
“WhatsApp hasn’t made two-factor authentication mandatory, it leaves it up to the user to activate it. This leaves India’s 60-70 crore users on WhatsApp vulnerable. The cases related to digital arrests, sextortion, account takeover – 85% of them happen on WhatsApp,” said the official who requested anonymity.
“People in India aren’t yet digitally literate, so the onus is on such platforms to put user protections in place,” added the official.
When a WhatsApp user enables two-step verification, they have the option to enter their email address. This allows WhatsApp to email them a reset link in case they forget the PIN, and also helps safeguard their account, according to the company’s website.
A spokesperson of WhatsApp said, “WhatsApp continues to invest in technology, safety tools and resources that equip users to safeguard themselves from instances of online scams. We advise people to never share their six-digit PIN code with others, not even friends or family, and recommend that all users set up two-step verification for added security. We’ve built safety tools like Silence unknown callers that screen out scam calls for increased protection, encourage users to block and report suspicious accounts and do a Privacy Checkup that allows people to choose the right level of protection for their account.”
