The sensitive data of 81.5 crore Indians was exposed on the dark web, in what may be the largest data breach in Indian history. The data was taken from the database of the Indian Council of Medical Research (ICMR) through a breach. The epicenter of the leak is still a mystery, though. The hacker "pwn0001" alerted authorities to the breach by promoting the stolen data on the dark web, leading the Central Bureau of Investigation (CBI) to open an investigation into the leak.

The hacker's data indicates that millions of Indians' names, phone numbers, Aadhaar and passport details, as well as temporary and permanent addresses, are among the stolen data. According to the hacker, this data originates from the records that ICMR gathered while conducting COVID-19 testing.

Resecurity, an American intelligence and cybersecurity outfit, made the initial discovery of the data leak. On October 9, information on the breach was made public on Breach Forums by user "pwn0001," who announced the availability of 815 million records, including information related to "Indian Citizen Aadhaar & Passport." To put things in perspective, there are just over 1.486 billion people living in India.


Researchers found 100,000 files containing Indian nationals' personal information among the stolen material. Some of these records were checked for correctness using the "Verify Aadhaar" feature of a government portal, which confirmed the Aadhaar data.

The Computer Emergency Response Team of India (CERT-In) has also informed the ICMR of the intrusion. It is difficult to pinpoint the exact location of the breach since the COVID-19 test data is dispersed across several government agencies, including the Ministry of Health, the ICMR, and the National Informatics Centre (NIC).

The Ministry of Information and Technology and other relevant agencies had not responded to the leak as of the time this piece was written.

A significant medical institution in India has experienced security breaches before. Cybercriminals gained control of over 1TB of data at AIIMS earlier this year after breaking into the institute's servers and demanding a hefty ransom. This forced the hospital to switch to manual record-keeping for 15 days, which slowed down every procedure in an already congested facility. The Chinese had breached the data of AIIMS Delhi a few months earlier, in December 2022, and they had demanded Rs 200 crore in cryptocurrency.




