India's Biggest data breach, ICMR data leak exposes personal data of 81.5 crore Indian to dark web
According to the cybersecurity company CloudSEK, the website's database, amounting to 7.3 MB, holds patient records that include PII and medical diagnoses. The compromised data also contains sensitive information about doctors, including their PII, login credentials, usernames, passwords, and phone numbers.
New Delhi: In a massive data breach, details of over 81.5 crore citizens with the Indian Council of Medical Research (ICMR) are on sale on the dark web, which contains crucial information such as Aadhaar and passport details, along with names, phone numbers, and addresses, according to the reports.
Given the severity of the matter, the Central Bureau of Investigation (CBI) is expected to probe the incident after the ICMR files a complaint.
The data breach noticed by the US-based cybersecurity and intelligence firm Resecurity mentioned that "on October 9, a threat actor going by the alias ‘pwn0001’ posted a thread on Breach Forums brokering access to 815 million 'Indian Citizen Aadhaar and Passport' records".
Also Read:1.5 lakh patients' data of TN hospital on Dark Web
Moreover, the cybersecurity analysts found one of the leaked samples containing 100,000 records of PII (personally identifiable information) related to Indian residents.
In this sample leak, the analysts identified valid Aadhaar Card IDs, which were corroborated via a government portal that provides a "Verify Aadhaar" feature.
The analysts also managed to connect with the threat actor and learned they were willing to sell the entire Aadhaar and Indian passport dataset for $80,000 (over Rs 66 lakh).
However, the threat actor declined to specify how they obtained the data.
Last month, cybersecurity researchers found that the official website of the Ministry of AYUSH in Jharkhand had been breached, exposing over 3.2 lakh patient records on the dark web.
According to the cybersecurity company CloudSEK, the website's database, amounting to 7.3 MB, holds patient records that include PII and medical diagnoses. The compromised data also contains sensitive information about doctors, including their PII, login credentials, usernames, passwords, and phone numbers.
The data breach was initiated by a threat actor named "Tanaka".
Disclaimer: This website is primarily for healthcare professionals. The content here does not replace medical advice and should not be used as medical, diagnostic, endorsement, treatment, or prescription advice. Medical science evolves rapidly, and we strive to keep our information current. If you find any discrepancies, please contact us at corrections@medicaldialogues.in. Read our Correction Policy here. Nothing here should be used as a substitute for medical advice, diagnosis, or treatment. We do not endorse any healthcare advice that contradicts a physician's guidance. Use of this site is subject to our Terms of Use, Privacy Policy, and Advertisement Policy. For more details, read our Full Disclaimer here.
NOTE: Join us in combating medical misinformation. If you encounter a questionable health, medical, or medical education claim, email us at factcheck@medicaldialogues.in for evaluation.