New Delhi: The personal data of more than 81 crore Indians has allegedly been exposed and offered for sale on the dark web.
This data, related to COVID-19 tests, was previously held by the Indian Council of Medical Research (ICMR) and is believed to be the source of the leak. The breach was reportedly detected by an American cybersecurity and intelligence agency.
The information that surfaced on the dark web is said to include details such as the names of beneficiaries, addresses, phone numbers, Aadhaar card numbers, and more.
The breach was also promoted on platform X, formerly known as Twitter, where the individual responsible for the breach shared the details.
It has been reported that this “threat actor” posted spreadsheets containing four substantial data samples, totalling one lakh records of personally identifiable information linked to Indian residents.
The IMCR has notified the Indian Computer Emergency Response Team (Cert-In) about the situation, Health Ministry officials said. It remains unclear whether the hacker breached the ICMR’s systems or other sources.
A Health Ministry official stated that the verification process for the breach reports is still underway.
Notably, this is not the first instance where India’s healthcare system has been targeted by cyberattacks.
Earlier this year, there were reports of data leaks related to COVID-19 vaccinations. Initially, it was attributed to breaches through the CoWIN portal, but subsequent investigations revealed breaches across state government databases.
In November 2022, AIIMS experienced a cyberattack that resulted in server disruptions, affecting the functioning of the outpatient department (OPD) and sample collection services.
Discussion about this post