ICMR leak: COVID-19 test data of 81.5cr Indians on sale
In a massive data breach, personal details of 81.5 crore Indian citizens, including COVID-19 test data and Aadhaar and passport information, have been put up for sale on the dark web, per News18. The data is believed to have been extracted from the Indian Council of Medical Research (ICMR)'s COVID-19 test records. American cybersecurity and intelligence firm Resecurity first noticed the breach. The Central Bureau of Investigation (CBI) is expected to probe the issue once the ICMR files a complaint.
Over 6,000 hacking attempts on ICMR since February
Since February, the ICMR has reportedly faced many cyberattack attempts, with over 6,000 attempts made last year alone to infiltrate its servers. Central agencies were aware of these attempts and recommended that the ICMR take corrective measures to avoid data leaks. The Computer Emergency Response Team of India (CERT-In) alerted the ICMR about the breach after confirming that the sample data for sale matched the ICMR's actual data. High-ranking officials from various agencies and ministries have been working on resolving this critical issue.
Threat actor 'pwn0001' advertises database on Breach Forums
A threat actor using the alias "pwn0001" created a thread on Breach Forums, a cybercrime forum, on October 9, offering access to 81.5 crore "Indian Citizen Aadhaar & Passport" records. To substantiate their claim, pwn0001 shared spreadsheets with four large leak samples containing fragments of Aadhaar data. Resecurity analysts found valid Aadhaar card IDs in one sample consisting of 1,00,000 records, which were verified through a government portal offering a "Verify Aadhaar" feature.
India's health system previously targeted by hackers
This is not the first instance of India's healthcare system being targeted by hackers. Last year, the All India Institute of Medical Sciences (AIIMS), New Delhi, suffered a cyberattack that resulted in changes to various systems. The attack was reportedly linked to "one of India's neighboring countries," as an IP address from that country was discovered.