A hacker going by the alias 'dawnofdevil' has leaked a massive database allegedly containing personal information of over 41 million Hathway customers. Hathway is a major Indian internet service provider and cable TV operator.
The hacker claims to have breached Hathway's systems in December 2023 by exploiting a vulnerability in their Laravel content management system. They initially tried to sell the stolen data for $10,000 on the dark web forum Breach Forums but failed to find a buyer.
What Does the Leaked Data Contain?
The leaked data includes full names, emails, phone numbers, home addresses, government ID details, and other personal information. However, analysis by cybersecurity experts suggests the actual number of impacted users may be around 4 million rather than 41 million due to duplicate and dummy accounts.
In an unusual move, the hacker has created a dark web search engine allowing people to check if their information was compromised. Of course, we can’t share the link here as that would be a major breach of people’s privacy.
Dark web search engine created by dawnofdevil. Source: hackread.com
The hacker first leaked a 12GB file containing user details, then later a massive 214GB database with employee and customer financial information. The larger database has since been deleted. That 12GB file may not seem like much, but it contains a lot of personal information, such as KYC data, Adhaar cards (an identification card issued to residents of India), phone numbers, and more.
Dawnofdevil has a history of illegaly acquiring company data and this incident isn’t the first of its kind. He was also responsible for breaching the security measures of the Income Tax Department of India in 2023.
Hathway's Response
While the full impact is still being assessed, this appears to be a serious data breach affecting millions of Hathway customers in India. Hathway also needs to determine how the hack occurred and improve security to prevent future breaches.
What Should You Do Now?
As with any data breach, people who have been affected should be on high alert for phishing attempts using the leaked data. Cybercriminals may try to steal login credentials by posing as Hathway and referencing the breach. We recommend changing your passwords and enabling multi-factor authentication as a way to boost your security.