Data Breach: 81.5 crore Indian users' personal data leaked in historic breach
In what could be India's most significant data breach to date, the sensitive personal information of 81.5 crore Indian users has been exposed on the dark web. This massive data leak originates from the database of the Indian Council of Medical Research (ICMR), although the exact source remains undisclosed.
A staggering volume of sensitive data belonging to 81.5 crore Indian citizens has surfaced on the dark web, raising concerns about one of the largest data breaches in India's history. The leaked data is believed to have been obtained from records collected by the Indian Council of Medical Research (ICMR) during the COVID-19 testing process. The precise origin of this breach is yet to be determined, prompting an investigation by the Central Bureau of Investigation (CBI). The breach was initially brought to light by a hacker known as 'pwn0001,' who advertised the stolen information on the dark web. According to the information shared by the hacker, the compromised data includes Aadhaar and passport details, as well as names, phone numbers, and both temporary and permanent addresses of millions of Indians. The hacker asserts that this data was extracted from the information collected by ICMR during COVID-19 testing.
The data breach was initially discovered by Resecurity, an American agency specializing in cybersecurity and intelligence. On October 9, 'pwn0001' disclosed details about the breach on Breach Forums, where they claimed to possess 815 million records, including "Indian Citizen Aadhaar & Passport" data. To put this in perspective, India's total population is just over 1.486 billion people.
Researchers examining the leaked data identified the presence of 100,000 files containing personal details of Indian citizens. To confirm their authenticity, some of these records were cross-verified using a government portal's "Verify Aadhaar" feature, which confirmed the Aadhaar information.
The Computer Emergency Response Team of India (CERT-In) has also notified ICMR about the breach, according to a report by News18. The data related to COVID-19 testing is spread across multiple government bodies, including the National Informatics Centre (NIC), ICMR, and the Ministry of Health, making it challenging to pinpoint the exact source of the breach.
As of the time of reporting, there had been no official response from the Ministry of Information and Technology or other relevant agencies regarding the breach.
This is not the first instance of a major medical institution in India falling victim to a data breach. Earlier this year, cybercriminals breached AIIMS' servers, taking control of over 1TB of data and demanding a substantial ransom. As a result, the hospital was forced to resort to manual record-keeping for 15 days, causing delays in an already congested institute. In December 2022, AIIMS Delhi experienced a data breach at the hands of Chinese hackers who demanded Rs 200 crore in cryptocurrency.
- With inputs from agencies