Times of India Reports Massive Hacking Attempts Against Nagpur Municipal Corporation
A Complete Breach Was Prevented, But the Threat of a Bigger Attack Looms

Hackers attempted to breach the Nagpur Municipal Corporation (NMC), the local governing body of the city of Nagpur in Maharashtra, India. The Times of India first reported the cyber incident, describing it as “a massive hacking attempt” that occurred on 28 October 2025.
According to the report, NMC’s web servers endured over 2,000 intrusion attacks within just 24 hours as the hackers sought to exploit vulnerabilities in municipal web applications hosting citizen data and critical public services.
A senior official of the NMC confirmed the incident, which could have compromised the governing body’s online services on the NMC website and the My Nagpur app. These platforms, according to the senior official, “aim to offer convenient, timely, and transparent access to civic services” such as online applications and complaint tracking.
An Orchestrated Hacking Attempt on NMC
The Times of India report noted a total of 2,008 hacking attempts, including 1,068 categorised as critical, making it “an organised and sustained digital assault”, according to experts. Notably, most of the attacks focused on server-side applications, which the report describes as “the backbone of online property tax payments, grievance redressal portals, and essential data systems.”
“Such large-scale automated attacks are not random,” said a cybersecurity researcher interviewed by The Times of India. “They are part of continuous efforts by cybercriminal networks to infiltrate public sector servers where data is valuable and often poorly protected.”
The report added that NMC’s intrusion prevention system stopped a complete breach, dropping malicious packets traced to servers in Singapore with IP addresses 104.248.99.110 and 167.99.28.248. However, cybersecurity experts have warned the NMC that these attempts might just be a prelude to a bigger, more targeted, and more nefarious attack.
This latest incident continues a worrying trend of threat actors actively targeting critical infrastructure—this time, the digital presence of a government institution tasked with the civic administration and infrastructure of Nagpur, a major city in India. It also underscores the critical need to protect critical infrastructures better as they become a preferred target.



