INDIA: In a shocking revelation, personal identifiable information of approximately 81.5 crore Indians has been exposed on the dark web. The data breach, first reported by US-based cybersecurity firm Resecurity, has sent shockwaves across the nation and raised significant concerns about data security and privacy.
According to Resecurity’s report, the breached data includes a plethora of personal details such as names, phone numbers, addresses, Aadhaar numbers, and passport information. This alarming discovery was brought to light when a threat actor, known as ‘pwn0001,’ posted a thread on Breach Forums on October 9, offering access to a staggering 815 million records of “Indian Citizen Aadhaar & Passport.”
It is worth noting that India’s total population exceeds 1.486 billion people, making this breach one of the largest data exposures in history. The threat actor allegedly attempted to sell the entire Aadhaar and Indian passport databases for a mere $80,000.
The Central Bureau of Investigation (CBI) is currently investigating this massive data breach, with “pwn0001” being the key subject of interest. This incident serves as a grave reminder of the increasing cyber threats faced by India and the global community.
Additionally, there are speculations that the compromised data might have originated from the Indian Council of Medical Research (ICMR) database. The exposure of such sensitive information has sparked concerns about the potential misuse of this data and its impact on individuals’ privacy.
In response to the breach, a hacker, under the alias “X,” declared, “India’s Biggest Data Breach Unknown hackers have leaked the personal data of over 800 million Indians under COVID 19. The leaked data includes: name, father’s name, phone number, other number, passport number, Aadhaar number, and age.” This highlights the comprehensiveness of the data that has fallen into the wrong hands.
This incident isn’t the first of its kind in India. In June, a separate data breach raised concerns when the personal data of vaccinated citizens, including VVIPs, from the CoWin website was allegedly leaked via a Telegram messenger channel. These events underscore the vulnerability of digital systems and the pressing need for robust cybersecurity measures.
The data breach has come as a significant challenge to the Indian government’s efforts to digitize the economy and establish a digital public infrastructure (DPI) based on Aadhaar, mobile numbers, and bank accounts. The government’s efforts have aimed at enhancing the delivery of benefits and fostering innovation in the private sector.
This breach will likely prompt a reevaluation of the security measures in place to protect this sensitive data. As the investigation unfolds, it is imperative for authorities and cybersecurity experts to address the vulnerabilities that allowed such a massive breach to occur.
Protecting personal data is not only crucial for individual privacy but also for the trust and security of the digital systems upon which modern societies rely. The aftermath of this breach will undoubtedly have far-reaching implications for data security in India and worldwide.
Also Read: Rajnath Singh’s Push for International Collaboration to Tackle Indian Ocean Maritime Challenges