India is currently grappling with a significant and potentially the most extensive data breach in its history, where the sensitive personal data of 815 million Indian citizens has been exposed on the dark web.
This leaked information is believed to have originated from the Indian Council of Medical Research (ICMR) database, although the exact source of the breach remains unclear. The breach has caused widespread concern and prompted the Central Bureau of Investigation (CBI) to launch an investigation to uncover the origin of this massive data leak. The breach was initially disclosed by an unidentified hacker known as ‘pwn0001,’ who advertised the stolen data on the dark web, drawing immediate attention to the incident.
According to the hacker, the compromised data includes Aadhaar and passport details, names, phone numbers, and both temporary and permanent addresses of millions of Indians. Disturbingly, this data is reported to have been collected by ICMR during COVID-19 testing, adding an alarming dimension to the breach.
The discovery of this extensive data breach was initially made by Resecurity, a U.S.-based cybersecurity and intelligence agency. ‘pwn0001’ revealed details about the breach on Breach Forums on October 9, proudly announcing the availability of a staggering 815 million records, including “Indian Citizen Aadhaar & Passport” data. To verify the authenticity of the leaked records, researchers used the government portal’s “Verify Aadhaar” feature, which successfully authenticated the Aadhaar information.
The Computer Emergency Response Team of India (CERT-In) has also alerted ICMR about the breach, underscoring its seriousness.
The difficulty in pinpointing the precise source of the breach is further complicated by the dispersion of COVID-19 test information across various government bodies, including the National Informatics Centre (NIC), ICMR, and the Ministry of Health.
As of the time of reporting, there has been no official response to the breach from the Ministry of Information and Technology or other concerned agencies, leaving millions of Indian citizens concerned about the security of their personal information.
This alarming data breach is not an isolated incident in India’s recent history. Earlier this year, cybercriminals targeted the All India Institute of Medical Sciences (AIIMS), compromising over 1 terabyte of data and demanding a significant ransom. This incident forced the hospital to resort to manual record-keeping for 15 days, further complicating an already overburdened institution. In a separate incident in December 2022, AIIMS Delhi’s data was hacked by an entity believed to be of Chinese origin, with a demand for Rs 200 crore in cryptocurrency.
The breach at ICMR underscores the urgent need for enhanced cybersecurity measures and vigilance to protect the sensitive information of Indian citizens. As investigations unfold, the nation anxiously awaits swift and effective action to secure their data.
