A massive data breach has exposed the personal details of over 81.5 crore (or 815 million) Indians, potentially the biggest leak in the country's history.
The leaked data contains private information of over 81.5 crore people, around 10 times the population of major countries like Iran, Turkey and Germany. India is now the most populous country in the world, so naturally, this breach has raised concerns about privacy and cybersecurity.
Here are more details on what happened.
Type of Information Leaked
First reported by the Indian news television channel News18, the breach has since garnered international attention. It exposed names, phone numbers, addresses, Aadhaar (a 12-digit unique identity number) details and passport information. The hacker claims this data was sourced from the Covid-19 test records of Indian citizens registered with the Indian Council of Medical Research (ICMR).
Source of the Leak
Though not officially confirmed, the data is believed to have been leaked from the Indian Council of Medical Research’s (ICMR) servers, or more specifically, the COVID-19 test details that were stored in its database. The breach was first detected by American cybersecurity firm Resecurity.
The firm said that a hacker with the alias 'pwn001' advertised the data on the dark web forum Breach Forums. As proof, they posted samples of spreadsheets containing Aadhaar IDs.
What Does the Indian Government Plan to Do?
As of yet, the government hasn’t addressed the breach. The ICMR hasn’t issued any statement, either, or explained how the hacker was able to get access to its data.
According to News18, the Central Bureau of Investigation (CBI) will begin to look into the matter as soon as it receives a complaint from the ICMR.
The government is yet to issue an official statement on the matter. With over 80 crore people exposed, this has the potential to become one of India's biggest cybersecurity incidents.