A staggering 1.8 terabytes (TB) of Indian mobile network data containing the personal details of 750 million people has been put up for sale on dark web platforms in a major breach, according to researchers at cybersecurity firm CloudSEK.
The breach, which came to light on Monday, compromised a mobile network database holding critical information such as names, mobile numbers, addresses, and Aadhaar details, researchers said.
“The magnitude of the data leak cannot be overstated. With the personal information of 750 million individuals exposed, the potential for cyberattack and identity theft is unprecedented. Telecom service providers and the government must validate the data and identify the loophole,” said Sparsh Kulshrestha, threat intelligence and security research, CloudSEK.
“This breach underscores the critical need for organisations and individuals to prioritise cybersecurity measures and remain vigilant,” he added.
An email sent to CERT-In, a government nodal agency for cybersecurity, elicited no response till the time of going to press.
According to CloudSEK, the breach was detected when a threat actor named CyboDevil advertised the database for sale on an underground platform.
The dataset allegedly encompasses around 85 per cent of the population, making it one of the largest breaches of its kind. A similar offer was made by another threat actor, UNIT8200, on January 14 on messaging platform Telegram, according to the company.
After analysing the sample data provided by the threat actor, the firm found that the breach affects all major telecom players.
When questioned by CloudSEK, the threat actor denied any involvement in a breach and claimed to have obtained the data through undisclosed sources within law enforcement channels.
Members of CYBOCREW — a hacker group linked to major breaches targeting organisations in the automobile, jewellery, insurance and apparel sectors — claimed in July 2023 to have real-time access to Indian phone numbers and Know Your Customer details, including government lookup capabilities, according to CloudSEK.
Databases that include personally identifiable information have been a target for threat actors in the past. In a similar incident last month, the defence pensioners’ portal SPARSH suffered a breach, putting at risk the personal information of over 3 million former servicemen.