Data Breach of 81.5 crore Indians: Hacker allegedly leaks Aadhaar, passport, personal details on dark web | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

Sensitive information of 81.5 crore Indians has allegedly surfaced on the dark web, marking a significant data breach. Reportedly, the stolen data includes Aadhaar and passport details, names, phone numbers, and both temporary and permanent addresses of millions of Indians.

A US-based cybersecurity agency called Resecurity has posted a detailed report about the breach. According to the agency, a hacker using the name ‘pwn0001’ disclosed details about the breach on Breach Forums on October 9. They advertised the availability of 815 million records (81.5 crore). So far, there’s no official confirmation about the data breach from the government.  Resecurity’s HUNTER (HUMINT) unit identified millions of personally identifiable information (PII) records, including Aadhaar cards, belonging to Indian residents being offered for sale on the Dark Web. 

The data set offered by pwn0001 includes the following information:

– Name

– Fathers Name

– Phone Number

– Other Number

– Passport Number

– Aadhar Number

– Age

– Gender

– Address

– District

– Pincode
– State

Resecurity says that the hacker pwn0001 showed some spreadsheets. These spreadsheets had pieces of Aadhaar data as proof. One of these pieces of data had details of 1,00,000 people living in India. The HUNTER team claims to have checked some Aadhaar Card IDs from this piece and found they were real. They checked them on a government website that lets people check if Aadhaar details are real or not.

On August 30, a person online named ‘Lucius’ said they had a big leak of data. This leak was about 1.8 terabytes and was named “India internal law enforcement organization.”

According to the report, this leak had even more personal information than pwn0001’s leak. It had Aadhaar IDs, Voter IDs, and driving license records. The HUNTER team found some records with the word “PREPAID.” This could even mean the leak came from a company that offers pre-paid SIM cards. These companies collect personal information to check their customers before they start their mobile services.

Also read: CoWIN Data Leak: Delhi Police arrest man from Bihar for uploading CoWIN-related data on Telegram

Also read: CoWIN data breach: CERT-In in discussion with 11 states that developed their own databases


Click Here For The Original Story From This Source.

National Cyber Security