Dark Web hacker reveals ‘breach’ of 81.5 million Indians' classified medical data during COVID pandemic

Published by
WEB DESK

Sensitive data of 81.5 crore Indians has emerged on the dark web, potentially marking the largest data breach in Indian history. The leak was brought to attention by ‘pwn0001’, a hacker who advertised the stolen information on the dark web. The information has come from data collected by the Indian Council of Medical Research (ICMR) during COVID-19 testing.

The Epicenter

However, the epicenter of the leak is not yet known. As per the data shared by the hacker, the stolen information comprises Aadhaar and passport details along with the names, numbers, and temporary and permanent addresses of millions of Indians. The hacker has also claimed that this data comes from information ICMR collected during COVID testing.

Important Details

Discovery of the Breach

The data breach was first reported by Resecurity, an American agency specializing in cybersecurity and intelligence. On October 9, 2023, ‘pwn0001’ disclosed the details of the data breach on Breach Forums, advertising the availability of 815 million records, including Indian citizens' Aadhaar and passport details. For context, the total population of India is a little over 1.486 billion people.

The Resecurity researchers identified that among the leaked data, there were 100,000 files with the personal details of Indian citizens. To check their accuracy, some of these records were confirmed using the government portal's “Verify Aadhaar” feature, which authenticated the Aadhaar information. The leaked data comprises name, father's name, phone number and other numbers, in addition to passport number, Aadhaar number, and age.

 

Aadhaar Details

The Computer Emergency Response Team of India (CERT-In) has also alerted the ICMR about the data breach, according to a report by a news agency. The COVID-19 test information is scattered across various government bodies such as the National Informatics Centre (NIC), ICMR and the Ministry of Health, making it difficult to identify where the breach occurred.

At the time of writing this story, there was no response online to the leak from the Ministry of Information Technology or other concerned agencies. This is not the first time that such an incident has been reported in the medical domain.

Previous Cases

Earlier this year, cyber criminals hacked into AIIMS servers, took 1 TB (terabyte) of data from the institute and demanded a hefty ransom. This forced the hospital to switch to manual record keeping for 15 days, slowing down processes in an already overcrowded institute. A few months before that, in December 2022, AIIMS data was hacked by the Chinese, who demanded Rs 200 crore in cryptocurrency.

Dark Web

The Dark Net, or Dark Web, is a part of the internet that cannot be accessed through traditional search engines like Google or normal web browsers like Chrome and Safari. It requires specific browsers such as The Onion Router, Invisible Internet Project, Whonix, etc.
