Massive Data Breach In India: Aadhaar Information Of 81.5 Crore People Leaked

In what's being described as one of the most significant data leaks in India 's history, personal information from over 81.5 crore individuals has allegedly been exposed online, with the source believed to be the Indian Council of Medical Research ( ICMR ), according to a report by News18.

The breach was initially detected by Resecurity , an American cybersecurity and intelligence agency. They identified a 'threat actor' using the pseudonym 'pwn001,' who posted a thread on Breach Forums , a self-proclaimed 'leading Data breach discussion and leaks forum.' This post granted access to the records of 81.5 crore Indians.

To put this into perspective, the leaked data encompasses approximately 10 times the combined population of countries like Iran, Turkey, and Germany, ranking as the 17th, 18th, and 19th most populous nations globally. It's important to note that India, with 1.43 billion people, is the world's most populous country.

What information has been compromised?
The individual known as 'pwn001,' who previously used the handle on Twitter (now known as 'X'), advertised that the breached data included Aadhaar and passport details, along with names, phone numbers, and addresses. The hacker claimed this information was extracted from the Covid-19 test records of individuals registered with ICMR. To support these claims, 'pwn001' posted spreadsheets containing snippets of Aadhaar data , which subsequent analysis confirmed as valid Aadhaar card IDs.

Steps taken to address the breach
While there has been no official response from ICMR or the government as of yet, the report suggests that the Central Bureau of Investigation ( CBI ) is likely to investigate the matter once it receives a formal complaint from ICMR.

To mitigate the damage caused by the data leak, various agencies and ministries have engaged top officials, and a Standard Operating Procedure (SOP) has been implemented to address the situation.