I
In a startling revelation, United States-based cybersecurity firm Resecurity has uncovered that the personal data of approximately 81.5 crore Indians has been leaked and is now circulating on the dark web. Here are the top seven critical facts you need to know about this massive data breach:
-
Extent of the Leak: Resecurity's report has thrown light on the enormity of the situation, indicating that the personal data of a staggering 81.5 crore Indian citizens is at risk.
-
Nature of Leaked Information: The compromised data set includes sensitive personal information such as names, phone numbers, addresses, Aadhaar details, and passport numbers. Shockingly, all of this information is now up for sale online.
-
The Culprit: The data breach has been linked to a threat actor known as 'pwn0001,' who was found offering access to the Aadhaar and passport records of 81.5 crore Indian citizens on the infamous Breach Forums, with the post dating back to October 9.
-
Selling Price: Investigations by Resecurity have revealed that 'pwn0001' is not just stopping at offering access - they are willing to sell the entire database, which includes Aadhaar and Indian passport details, for a whopping $80,000.
-
Ongoing Investigation: The Central Bureau of Investigation (CBI) has taken up the case and is actively investigating the breach to track down the perpetrators and understand the full extent of the damage.
-
Possible Source of the Leak: There are ongoing suspicions and reports suggesting that the compromised data may have originated from the database of the Indian Council of Medical Research (ICMR), raising concerns about the security of government-held data.
-
Previous Incidents and Warnings: This incident is not isolated. As recently as June 2023, another hacker disclosed a similar leak involving personal data of over 80 crore Indians, including COVID-19-related information and CoWIN vaccine data. Furthermore, in April, the hacking group ‘Hacktivist Indonesia’ had circulated a list of 12,000 Indian websites as their potential targets, with a history of launching cyber attacks in several countries including Sweden, Israel, and the US.
This massive data breach serves as a stark reminder of the growing cyber threats and the urgent need for stringent cybersecurity measures to protect sensitive personal information.
