Resecurity, a US cybersecurity firm, stated that 815 million Indians’ personally identifiable information was exposed on the dark web, one of India’s largest data breaches. Indian digital projects suffered a huge hit from the breach…
A recent investigation from US cybersecurity firm Resecurity found that 815 million (81.5 crore) Indians’ personally identifiable information was exposed on the dark web, one of the largest data breaches in Indian history.
Online sale of sensitive data
Many sensitive data was breached, including:
Names and phone numbers
Addresses
UIDs
Passport infoIllicit online portals sell all data.
Disclosure of Breach
Resecurity reported that Breach Forums threat actor ‘pwn0001’ publicized the breach. The actor claimed to have 81.5 crore Aadhaar and passport records, roughly half of India’s 147.6 crore (1.486 billion) population.
An Incredible Offer
After contacting the threat actor, Resecurity’s HUNTER (HUMINT) section determined that they would sell the whole Aadhaar and Indian passport database for $80,000.
Ongoing CBI Investigation
The Central Bureau of Investigation (CBI) is investigating the massive breach after “pwn0001.” discovered it.
Some believe the leaked data came from the Indian Council of Medical Research (ICMR) database.
Hacker’s assertion
An anonymous hacker reportedly said, “India Biggest Data Breach.” Over 800 million Indians with COVID 19 had their personal data exposed by hackers. Name, Father’s name, Phone number, Other number, Passport number, Aadhaar number, Age were disclosed.”
Major Setback for Indian Government Digital Initiatives
The data breach set back the Indian government’s digital initiatives to digitize the economy and develop digital public infrastructure (DPI) based on Aadhaar, mobile numbers, and bank accounts for benefits transfer and private sector innovation.
After the government investigated the June release of personal data from vaccinated persons, including VVIPs, via a Telegram message channel from the CoWin website, this breach occurred.
Increased data security needed
This major data breach illustrates the need for improved data security and the problems of protecting personal data in the digital era.
Conclusion
The dark web revealed 815 million Indians’ personally identifiable information, one of the largest data breaches in the country’s history, according to US cybersecurity firm Resecurity. Names, phone numbers, addresses, Aadhaar numbers, and passports were compromised. On Breach Forums, threat actor ‘pwn0001’ claimed to have access to 81.5 crore records, including Aadhaar and passport details. Resecurity’s HUNTER team found that the threat actor would sell the complete Aadhaar and Indian passport database for $80,000, or Rs 66,60,760. The case is under CBI investigation. The ICMR database may have provided the compromised data. Unidentified hackers called the breach the “India Biggest Data Breach.” The Indian government’s digital initiatives to digitize the economy and develop digital public infrastructure (DPI) based on biometric identification numbers (Aadhaar), mobile numbers, and bank accounts for benefits transfer and private sector innovation were severely hampered by this breach. The hack highlights the need for improved data security and the problems of digital data protection.
