As per an US-based cybersecurity solutions and services provider ‘Resecurity’, the data of more than 81 crores citizens sourced from the Indian Council of Medical Research (ICMR) are on sale on the dark web after an alleged leak. The data reportedly contains information such as Aadhaar and passport details, along with names, phone numbers, and addresses.
“On October 9th, a threat actor going by the alias ‘pwn0001’ posted a thread on Breach Forums brokering access to 815 million “Indian Citizen Aadhaar & Passport” records. To put this victim group in perspective, India’s entire population is just over 1.486 billion people”, said the Resecurity in its blog. However, the ICMR and the health ministry have neither denied nor confirmed the claim of alleged breach.
The US-based cybersecurity agency said that “HUNTER investigators established contact with the threat actor and learned they were willing to sell the entire Aadhaar and Indian passport dataset for $80,000”. It said that the data set offered by pwn0001 contains multiple fields related to the PII of Indian citizens.
“Pwn0001 declined to specify how they obtained the data. Without the threat actor disclosing the source of the data leak any effort to diagnose the cause of the beach will be speculative”, said the US based services provider.
Meanwhile, a source said that the center is examining the alleged reports of breach of personal data and the exercise has been initiated to probe the issues.