In what comes as possibly the biggest data leak case in India, details of 81.5 crore Indians are on sale. The data has been sourced from the Indian Council of Medical Research (ICMR) and the Central Bureau of Investigation (CBI) is likely to probe the matter, as per a report in News18.
American cyber security and intelligence agency Resecurity was the first to notice that a ‘threat actor’ with the user name ‘pwn0001’ had posted a thread on Breach Forums on October 9 where they were brokering access to “Indian Citizen Aadhaar & Passport” details retracted from the Covid-19 test records of citizens.
The user had shared spreadsheets with fragments of Aadhaar details as proof.
“One of the leaked samples contains 1,00,000 records of PII(Personal Identifiable Information) related to Indian residents. In this sample leak, HUNTER analysts identified valid Aadhaar Card IDs, which were corroborated via a government portal that provides a ‘Verify Aadhaar’ feature. This feature allows people to validate the authenticity of Aadhaar credentials,” the publication quoted Resecurity as saying.
The report claimed that over 6,000 attempts have been made last year to hack the ICMR website.
Moreover, this is not the first time the Indian health system has been targeted by hackers. A malware attack was detected at the All India Institute of Medical Sciences Delhi on June 6 but the threat was neutralised by the deployed cyber-security systems at the institute, authorities said.
"A malware attack was detected at 14:50 hrs today by the cyber-security systems deployed in AIIMS, New Delhi. The attempt was successfully thwarted, and the threat was neutralised by the deployed cyber-security systems. The e-Hospital services remain to be fully secure and are functioning normally," the All India Institute of Medical Sciences (AIIMS) said.
Reacting to the news, the All India Trinamool Congress launched an attack on the Narendra Modi government, saying "Why, PM @narendramodi, are citizens left exposed and vulnerable to such data breaches when your government touts its commitment to ironclad data security? How did your Government and @AmitShah's @HMOIndia remain blissfully unaware? Why were the people not promptly informed about the potential risks to their personal information? And for how long will the incompetence of Cabinet Minister @AshwiniVaishnaw and MoS @Rajeev_GoI of @GoI_MeitY be ignored?"
This comes at a time when at least four opposition leaders on Tuesday claimed to have received messages from Apple warning them of "state-sponsored attackers trying to remotely compromise" their iPhones and posted the purported screenshots on their X handles.
Trinamool Congress MP Mahua Moitra, Shiv Sena (UBT)'s Priyanka Chaturvedi, Congress' Lok Sabha Member Shashi Tharoor and his party's media and publicity department head Pawan Khera shared the screenshots on X.
(With PTI inputs)
Deccan Herald is on WhatsApp Channels| Join now for Breaking News & Editor's Picks