In what might be one of the most tell-tale indicators of the state of cybersecurity in India, data from Prime Minister Narendra Modi’s personal website is said to have been leaked on the Dark Web. Cybersecurity firm, Cyble, says it was tipped off about the development on October 10, whereupon, the company found personally-identifiable information of over 5,74,000 users, including more than 2,92,000 donors.
According to an official blog post by Cyble, one of the leaked databases includes names, email addresses and mobile numbers, while another one showcases donation details, including bank reference numbers, payment modes, etc. As per the second database, the donations were made to a variety of causes, including CoVID-19 relief, Swachh Bharat and other national issues, but also includes political contributions to the BJP.
What’s even more alarming is that the researchers say they strongly suspect the data is already being “misused for criminal purposes”, although, there’s no more information in that regard. The company claims that the data has the “potential to be misused for malpractices such as Phishing Emails, Spam Text Messages, etc”.
Cyble has indexed all the available information, and it is available on the company’s website, AmIBreached.com. The researchers are encouraging all users registered on the PM’s website (NarendraModi.in) to go over to the aforementioned site to ascertain the risks and gauge the extent of the information exposure suffered.
The news of the data breach comes just over a month after the official Twitter account of Prime Minister Narendra Modi was taken over by hackers claiming to be part of the notorious ‘John Wick’ hacking cartel. Twitter, however, reacted quickly to delete the spam posts and restore the account to its rightful owner.