According to a survey by the US-based cybersecurity company Resecurity, 81.5 crore Indians, or approximately 815 million, have had their personally identifiable information exposed on the dark web, as reported by Business Standard.
According to the research, information such as names, phone numbers, addresses, Aadhaar, and passport details can be purchased online.
Resecurity stated in a blog post that, “Notably, India’s whole population is around 1.486 billion people.” On October 9, a threat actor going by the handle “pwn0001” made a message on Breach Forums brokering access to 815 million “Indian Citizen Aadhaar & Passport” details.”
The business also stated that after getting in touch with the threat actor, its HUNTER (HUMINT) unit investigators discovered that they were prepared to sell the full Aadhaar and Indian passport database for $80,000.
According to media sources, the breach that hacker “pwn0001” found is currently being looked into by the Central Bureau of Investigation (CBI).
According to a different News18 source, the Indian Council of Medical Research (ICMR) database may contain compromised data.
Additionally, a hacker on X revealed, “India’s Biggest Data Breach.” Over 800 million Indians with COVID-19 have had their personal information compromised by unknown hackers. Name, father’s name, phone number, other number, passport number, Aadhaar number, and age are among the information that was exposed.
In the meanwhile, data breaches have happened before. The government opened a probe into a data breach earlier in June when it was purported that a Telegram chat channel had disclosed personal information of vaccinated residents, including VVIPs, from the CoWin website.
The government, which has been working to digitize the economy and has established digital public infrastructure (DPI) based on people’s bank accounts, mobile numbers, and the biometric identification number Aadhaar as the foundation for benefit transfers and private sector innovation, has been severely shaken by the data breach claim.