81.5 crore Indians' personal information was exposed on the dark web, possibly resulting in the largest data breach in Indian history...
Digital; Desk: 81.5 crore Indians' personal information was exposed on the dark web, possibly resulting in the largest data breach in Indian history. The data has been leaked from the Indian Council of Medical Research’s (ICMR) database. However, the epicentre of the leak is still a mystery. The hacker "pwn0001" alerted authorities to the breach by promoting the stolen data on the dark web, leading to the Central Bureau of Investigation (CBI) opening an investigation into the leak.
The hacker's data indicates that millions of Indian names, phone numbers, Aadhaar and passport details, as well as temporary and permanent addresses, are among the stolen data. Additionally, according to the hacker, this data originates from the data that ICMR gathered while conducting COVID-19 testing.
An American intelligence and cybersecurity agency 'Resecurity' made the initial discovery of the data breach. On October 9, information on the breach was made public on Breach Forums by user "pwn0001," who announced the availability of 815 million records, including information related to "Indian Citizen Aadhaar & Passport." To put things in perspective, just over 1.486 billion people are living in India.
Researchers found that 100,000 files including Indian nationals' personal information were among the stolen material. Some of these records were verified for accuracy utilizing the "Verify Aadhaar" feature of a government portal, which verified the Aadhaar data.
The Computer Emergency Response Team of India (CERT-In) has alerted ICMR about the breach. It is difficult to pinpoint the exact location of the breach because the COVID-19 test data is dispersed around multiple government departments, including the Ministry of Health, the ICMR, and the National Informatics Centre (NIC).
As per reports, the Ministry of Information and Technology and other relevant agencies had not responded to the leak till now.
A significant medical institution in India has experienced security breaches before. Cybercriminals gained control of over 1TB of data at AIIMS earlier this year after breaking into the institute's servers and demanding a sizable ransom. This resulted in a 15-day manual record-keeping transition for the hospital, which slowed down every procedure in an already overcrowded facility. The Chinese had breached the data of AIIMS Delhi a few months earlier in December 2022, and they had demanded Rs 200 crore in cryptocurrencies.
Leave A Comment