A potentially unprecedented data breach in India has exposed sensitive personal information of 81.5 crore individuals on the dark web. This data breach is linked to the Indian Council of Medical Research (ICMR) database, yet the exact source of the leak remains unidentified.
Sensitive data belonging to 81.5 crore Indian individuals is now available on the dark web, potentially marking the largest data breach in India's history. This breach was initially exposed by a hacker known as 'pwn0001', who offered the stolen information for sale on the dark web.
The compromised data is believed to have originated from the Indian Council of Medical Research (ICMR) and its COVID-19 testing efforts. However, the exact source of the breach remains unknown. According to the hacker's claims, the stolen data includes Aadhaar and passport details, as well as the names, phone numbers, and both temporary and permanent addresses of millions of Indians. The hacker asserts that this information was obtained from data collected by the ICMR during COVID-19 testing.
The data breach was first detected by ‘Resecurity’, an American agency with expertise in cybersecurity and intelligence. On October 9, a user named 'pwn0001' revealed information about the breach on Breach Forums, offering access to 815 million records, which included data related to "Indian Citizen Aadhaar & Passport." To put this in perspective, India's entire population is slightly over 1.486 billion people.
Resecurity's researchers found that the leaked data contained 100,000 files with personal information of Indian citizens. To check the records' authenticity, some of them were verified using the government portal's "Verify Aadhaar" tool, which validated the accuracy of the Aadhaar details.
The Computer Emergency Response Team of India (CERT-In) has reported the breach to ICMR, as per a News18 report. The COVID-19 testing data is spread across various government entities such as the National Informatics Centre (NIC), ICMR, and the Ministry of Health, making it difficult to trace the source of the breach.
This incident is not the first of its kind in India's medical institutions. Earlier this year, cybercriminals infiltrated AIIMS' servers and took control of over 1TB of data, demanding a substantial ransom. This forced the hospital to resort to manual record-keeping for 15 days, which further slowed down operations. Just a few months prior, in December 2022, AIIMS Delhi's data fell victim to a cyberattack by a group from China, who demanded a ransom of Rs 200 crore in cryptocurrency.