In what could potentially be the largest data breach in India's history, personal information of 81.5 crore Indians has been exposed on the dark web. This alarming breach came to light after a hacker, known as 'pwn0001,' advertised the stolen data online. The compromised information is believed to have originated from the Indian Council of Medical Research (ICMR), which collected it during COVID-19 testing. The leaked data includes sensitive details such as Aadhaar and passport numbers, names, phone numbers, and both temporary and permanent addresses.
The hacker, named 'pwn0001,' shared the data on the dark web and made it available to potential buyers. This indicates a major threat to the privacy and security of millions of Indians. The extent of the damage caused by this breach is yet to be determined.
This breach has caught the attention of cybersecurity experts, including the Computer Emergency Response Team of India (CERT-In), which has notified the ICMR about the data leak. Immediate action is being taken to investigate the breach and prevent further unauthorized access to personal information.
Unfortunately, this is not the first time that a major medical institution in India has faced such a breach. Earlier this year, AIIMS (All India Institute of Medical Sciences) experienced a cyberattack, resulting in the compromise of over 1TB of data. The incident forced the hospital to revert to manual record-keeping for a significant period, disrupting the institution's operations.
The implications of this massive data breach are severe, as it exposes millions of Indians to potential identity theft, scams, and other malicious activities. It highlights the urgent need for stronger data protection measures and increased cybersecurity awareness in India.
The American agency Resecurity, specializing in cybersecurity and intelligence, initially discovered the breach. Their expertise will likely play a crucial role in securing the exposed data and identifying the vulnerabilities that led to this breach. The investigation into this incident is ongoing, and steps are being taken to hold the responsible parties accountable.
As the aftermath of this breach unfolds, it serves as a reminder that the protection of personal information is a vital concern that must be continuously addressed. The need for stringent measures to safeguard sensitive data has become paramount in a digital age where cyber threats are constantly evolving.