In a massive data breach, details of over 81.5 crore citizens with the Indian Council of Medical Research (ICMR) are on sale on the dark web, which contains crucial information such as Aadhaar and passport details, along with names, phone numbers, and addresses, according to the reports
Given the severity of the matter, the Central Bureau of Investigation (CBI) is expected to probe the incident after the ICMR files a complaint.
The data breach noticed by the US-based cybersecurity and intelligence firm Resecurity mentioned that “on October 9, a threat actor going by the alias ‘pwn0001’ posted a thread on Breach Forums brokering access to 815 million ‘Indian Citizen Aadhaar and Passport’ records”.
Moreover, the cybersecurity analysts found one of the leaked samples containing 100,000 records of PII (personally identifiable information) related to Indian residents.
In this sample leak, the analysts identified valid Aadhaar Card IDs, which were corroborated via a government portal that provides a “Verify Aadhaar” feature.
The analysts also managed to connect with the threat actor and learned they were willing to sell the entire Aadhaar and Indian passport dataset for $80,000 (over Rs 66 lakh).
However, the threat actor declined to specify how they obtained the data.
Last month, cybersecurity researchers found that the official website of the Ministry of AYUSH in Jharkhand had been breached, exposing over 3.2 lakh patient records on the dark web.
According to the cybersecurity company CloudSEK, the website’s database, amounting to 7.3 MB, holds patient records that include PII and medical diagnoses. The compromised data also contains sensitive information about doctors, including their PII, login credentials, usernames, passwords, and phone numbers.
The data breach was initiated by a threat actor named “Tanaka”.