An anonymous hacker claims to have breached the digital ID numbers, as well as other sensitive personal data, of around 815 million Indian citizens.
To put that number in perspective, it is more than 60% of the 1.3 billion Indian people enrolled in the government’s Aadhaar biometric digital identity program, and roughly 10% of the entire global population. Thanks to the breach — the largest single one in the country’s history, according to the Hindustan Times — the personal data of hundreds of millions of Indians are now up for grabs on the dark web, for as little as $80,000.
To register for an Aadhaar card, Indian residents have to provide basic demographic information, including name, date of birth, age, address and gender, as well as biometric information, including ten fingerprints, two eyeball scans and a facial photograph. Much of that data has apparently been compromised.
Media reports suggest that the source of the leak was the Covid-19 test data of the Indian Council of Medical Research (ICMR), which is linked to each individual’s Aadhaar number.
The alarm was first raised by Resecurity, a Los Angeles-based cyber security company, which on Oct 15 included the following in a blog post on its corporate website:
On October 9th, a threat actor going by the alias ‘pwn0001’ posted a thread on Breach Forums brokering access to 815 million “Indian Citizen Aadhaar & Passport” records. To put this victim group in perspective, India’s entire population is just over 1.486 billion people.
HUNTER investigators established contact with the threat actor and learned they were willing to sell the entire Aadhaar and Indian passport dataset for $80,000.
The data set offered by pwn0001 contains multiple fields related to the PII of Indian citizens, including but not limited to:
– name
– father’s Name
– phone Number
– other Number
– passport Number
– aadhar Number
– age
– gender
– address
– district
– pincode
– state…
“One of the leaked samples contains 100,000 records of personally identifiable information (PII) related to Indian residents. In this sample leak, HUNTER analysts identified valid Aadhaar Card IDs, which were corroborated via a government portal that provides a “Verify Aadhaar” feature. This feature allows people to validate the authenticity of Aadhaar credentials,” Resecurity said…
Resecurity acquired… 400,000 records and contacted multiple victims to validate the information, and also used the “Verify Aadhaar” feature available via an official government web resource in India.
The contacted victims from the acquired data set confirmed the validity of their data, and stated they have never been notified about [the breach] before.
Digital Identity Theft
A leak of such highly sensitive personally identifiable information (PII) creates a significant risk of digital identity theft, warns Security Affairs:
Threat actors leverage stolen identity information to commit online banking theft, tax refund fraud, and other cyber-enabled financial crimes. Nation-state actors are also hunting for Aadhaar data with the goal of espionage and influence campaigns that leverage detailed insights on the Indian population. Resecurity observed a spike in incidents involving Aadhaar IDs and their leakage on underground cybercriminal forums by threat actors who look to harm Indian nationals and residents.