As what can be called a shocking revelation, the personal information of around 800 million in India has been leaked as part of a huge Aadhaar card/passport data breach. The data has been up for sale on the dark web, thus, putting millions of people’s data at risk. Here’s a look at the details.
Aadhaar Card Falls Prey to Yet Another Breach
A cybersecurity firm Resecurity has suggested that a threat actor “pwn0001” offered to leak information of 815 million people on Breach Forums. This includes details like names, phone numbers, addresses, passport information, age, gender, and more.
It is also revealed that the threat actor offered the data in exchange for $80,000 (~ Rs 66,59,888). The firm’s HUNTER analysts even verified the data of the leaked Aadhaar cards, which was proven valid. It still remains unknown how the bad actor got access to this massive set of people’s data. That said, it is suggested that this could be possibly leaked via the Indian Council of Medical Research (ICMR) database. A hacker, via a post on X (formerly, Twitter), suggested that over 800 million people’s COVID-19 data has been leaked.
The report further reveals that the HUNTER analysts saw multiple datasets with ‘prepaid‘ signatures. This could possibly belong to people who got a prepaid SIM and hence, it could be a leak from a major telecom operator too.
Nothing is concrete as of now! The Central Bureau of Investigation (CBI) is looking into the matter and we should get an official statement on the matter soon. The data leak is of utmost importance and this can impact the privacy of people, lead to identity theft for malicious activities, or even cause financial fraud.
Hence, it is important to stay safe. Avoid sharing important documents or data with unreliable sites or apps! And in case you want to see if you have been a part of any data breach, you can check out this website!