A significant security lapse has exposed the personal details of 750 million telecommunications users in India, and this information is reportedly being sold on the dark web, as reported by cybersecurity firm CloudSEK.
In a startling disclosure, CloudSEK has uncovered a massive security breach that has compromised the personal information of an astonishing 750 million individuals in India. The breach includes crucial details such as names, mobile numbers, addresses, and Aadhaar information. This extensive dataset, totalling a staggering 1.8 terabytes, is reportedly being offered for sale by threat actors associated with CyboDevil and UNIT8200.
The security breach came to light on January 23, 2024, when CloudSEK’s AI digital risk platform, XVigil, identified a post by CyboDevil on an underground forum advertising the Indian Mobile Network Consumer Database. On January 14, 2024, UNIT8200 had similarly offered comparable data on Telegram.
The exposed dataset is said to encompass 85 per cent of the Indian population, marking it as one of the most significant breaches in recent memory. Compressed to 600GB and uncompressed to 1.8TB, the compromised information poses substantial risks to individuals and organizations. The hackers are reportedly demanding $3,000 for the entire dataset.
CloudSEK’s initial analysis of the sample dataset indicates that all major telecom providers are affected by the leak of Personally Identifiable Information (PII). The potential consequences of this breach include financial losses, identity theft, reputational harm, and an increased susceptibility to cyberattacks.
The threat actors, identified as members of the CYBOCREW group, have asserted previous access to real-time Indian phone number KYC details and have been observed selling API access to the Indian vehicle database. Their activities suggest potential vulnerabilities within government databases or telecommunication systems.
Sparsh Kulshrestha, Threat Intelligence & Security Research at CloudSEK, emphasized the severity of the situation, stating, ‘The magnitude of this data leak cannot be overstated. With the personal information of 750 million individuals exposed, the potential for cyberattacks and identity theft is unprecedented.’
In response to the breach, CloudSEK has notified relevant authorities and organizations that may be affected. As a precautionary measure, individuals and organizations are advised to implement advanced threat detection systems, ensure compliance with data protection regulations, and conduct awareness programs to educate users about potential scams and phishing attempts.
This breach underscores the critical importance of a comprehensive cybersecurity approach, collaboration with relevant authorities, and the immediate implementation of robust measures to safeguard against unauthorized access and data breaches. The incident serves as a stark reminder of the ongoing threats in the digital landscape, emphasizing the need for collective efforts to enhance cybersecurity defences. For more information, stay tuned to the IncBasil Website.
