India's Largest Data Leak? Personal Information Of 81.5 Cr Citizens Found On Sale On The Dark Web For ₹65 Lakh

In a shocking revelation, someone has put up details of 81.5 crore Indian citizens for sale on the dark web at a staggering $80,000. People believe that someone extracted this data from COVID-19 test records held by the Indian Council of Medical Research (ICMR). The data includes sensitive information such as Aadhaar and passport details, names, phone numbers, and addresses.

What Happened? First reported by those over Resecurity, the breach was exposed when a dark web user, identified as ‘pwn0001’, advertised the database on a platform known as X. The American cybersecurity firm Resecurity verified the authenticity of the leaked data by cross-checking sample Aadhaar IDs shared by the seller with the government’s “Verify Aadhaar” portal.

This isn’t the first time India's health system has been targeted by hackers. The ICMR has been on the radar of cyber attackers since February, with over 6,000 hacking attempts reported last year. Despite warnings and recommendations for preventive measures, the breach still occurred.

See also: Markets Could Fall 25% If PM Narendra Modi’s BJP Loses 2024 Election: Jefferies

Hunt for the source: Multiple entities, including the National Informatics Centre (NIC), ICMR, and the Ministry of Health, typically share COVID-19 test data, making it challenging to identify the exact source of the leak. This breach underscores the urgent need for robust cybersecurity measures, especially when handling sensitive data on such a massive scale.

The incident follows a similar pattern to last year’s cyber-attack on AIIMS, which had potential links to a neighbouring country. The magnitude of this breach highlights the vulnerabilities in India’s health system and the dire consequences of inadequate data protection.

Read next: Why This SBI Fund-Backed Midcap Stock Is Surging 9.4% Today