HomeLegal AdviceBiggest Data Leak of all Times: 81.5 Crore Indian’s Data Sourced from...

Biggest Data Leak of all Times: 81.5 Crore Indian’s Data Sourced from ICMR

In a startling revelation, Resecurity, an American cybersecurity and intelligence agency, detected a major data breach impacting over 81.5 crore Indians. The breach, attributed to a ‘threat actor’ named ‘pwn001,’ unfolded on Breach Forums, a self-described ‘premier Databreach discussion and leaks forum.’

This staggering number dwarfs the populations of entire nations; it is approximately ten times the combined populace of Iran, Turkey, and Germany, ranking as the world’s 17th, 18th, and 19th most populous countries, respectively. India, being the world’s most populous nation with 1.43 billion people, underscores the gravity of this breach.

The compromised information includes sensitive details such as Aadhaar and passport information, names, phone numbers, and addresses. ‘pwn001’ claimed to have extracted this data from Covid-19 test records maintained by the Indian Council of Medical Research (ICMR). To substantiate the claim, spreadsheets containing fragments of Aadhaar data were posted, and subsequent analysis confirmed their authenticity as valid Aadhaar card IDs.

Despite the severity of the breach, the Central Government is yet to respond to Resecurity’s alert. The alleged exposure of Aadhaar and passport details, along with personal information, has prompted a swift and comprehensive response. Top officials from various agencies and ministries have been mobilised to address the issue, and a Standard Operating Procedure (SOP) has been implemented to mitigate the potential damage.

The breach not only raises concerns about the security of citizens’ personal information but also underscores the vulnerability of databases associated with critical health data, such as COVID-19 test records. As the investigation unfolds, there is an urgent need for transparency and accountability to assess the extent of the breach, identify the lapses in security protocols, and institute measures to prevent such incidents in the future.

This incident serves as a stark reminder of the evolving threats in the digital landscape and the imperative for robust cybersecurity measures. The breach’s sheer scale emphasises the necessity for governments, organisations, and individuals to prioritise cybersecurity and adopt proactive strategies to safeguard sensitive information from malicious actors.

In conclusion, the alleged data leak affecting 81.5 crore Indians is a matter of grave concern, necessitating a thorough investigation, immediate remedial actions, and a broader discourse on enhancing cybersecurity infrastructure to protect against future threats of this magnitude.

Rugmini Dinu