Given the severity of the matter, the Central Bureau of Investigation (CBI) is expected to probe the incident after the ICMR files a complaint.
The data breach noticed by the US-based cybersecurity and intelligence firm Resecurity mentioned that “on October 9, a threat actor going by the alias ‘pwn0001’ posted a thread on Breach Forums brokering access to 815 million ‘Indian Citizen Aadhaar and Passport’ records”.
Moreover, the cybersecurity analysts found one of the leaked samples containing 100,000 records of PII (personally identifiable information) related to Indian residents.
The analysts also managed to connect with the threat actor and learned they were willing to sell the entire Aadhaar and Indian passport dataset for $80,000 (over Rs 66 lakh).
However, the threat actor declined to specify how they obtained the data.
Last month, cybersecurity researchers found that the official website of the Ministry of AYUSH in Jharkhand had been breached, exposing over 3.2 lakh patient records on the dark web.
According to the cybersecurity company CloudSEK, the website’s database, amounting to 7.3 MB, holds patient records that include PII and medical diagnoses. The compromised data also contains sensitive information about doctors, including their PII, login credentials, usernames, passwords, and phone numbers.
The data breach was initiated by a threat actor named “Tanaka“.