The hacker was willing to sell the entire Aadhaar and Indian passport dataset for 80,000 US dollars when contacted by Resecurity
)
Photo: Shutterstock
Listen to This Article
In a serious data breach, personally identifiable information of 815 million Indians has been up on the dark web for sale, according to a report by US-based cybersecurity firm Resecurity. Details such as Aadhaar and passport information along with names, phone numbers and addresses are available for sale online, it has said.
Media reports suggested that the Indian Council of Medical Research (ICMR) database might have been compromised, given the extensive scope and sensitive nature of the information. Queries sent to ICMR were not answered at press time.
тАЬSecuring assets is of importance for businesses in todayтАЩs world. The recent incident where the personal information of 815 million Indians was exposed in a data leak highlights the need for companies to take adequate measures,тАЭ said Sanjay Kaushik, managing director of Netrika Consulting.
According to the Resecurity website, on October 9 an individual using the alias тАЬpwn0001тАЭ shared a post on BreachForums (a darknet crime forum) offering access to 815 million records containing information on тАЬIndian Citizen Aadhaar and PassportтАЭ.
The hacker was willing to sell the entire Aadhaar and Indian passport dataset for $80,000 when contacted by Resecurity.
In August this year, another threat actor known as тАЬLuciusтАЭ posted a thread on BreachForums offering to sell a 1.8 terabyte data leak related to an unnamed тАЬIndian internal law enforcement organisationтАЭ.
In April 2022, the Comptroller and Auditor General conducted an investigation into the Unique Identification Authority of India (UIDAI) and discovered that the authority had not effectively regulated its client vendors and safeguarded the security of their data vaults, as stated in a Brookings report.
Since its inception in 2009, UIDAI has issued approximately 1.4 billion Aadhaar cards. A report from the Brookings Institution in 2022 highlighted that the ID system ranked among the worldтАЩs largest biometric identification initiatives.
тАЬAdopting measures like encryption, multifactor authentication and access controls are vital to protect data. Regular security audits and updates are also components of a cybersecurity strategy that can adapt to emerging threats effectively,тАЭ said Kaushik.
The exposure of personally identifiable information on the dark web, which includes Aadhaar and other personal details of Indian citizens, poses a substantial threat of digital identity theft. Malicious actors use pilfered identity data to engage in activities such as online banking fraud, tax refund scams and various cyber financial crimes.
aniltikotekar4sme.com 