Online Leak Exposes Aadhaar and Passport Details of 81.5 Crore Indians

In a shocking development, the most significant data breach in India has allegedly been revealed. Aadhaar card leak involves nearly 81.5 crore Indians! According to a report by News18, the leak was initially discovered by American cybersecurity company Resecurity, which detected a thread on Breach Forums posted by a threat actor with the nickname "pwn001." The thread advertised a database containing information like Aadhaar, passports, phone numbers and addresses of nearly 81.5 crore Indians. The hacker even posted some spreadsheets as "proof" that he really had the data.

The data was uploaded as leak samples into spreadsheets with fragments of Aadhaar card details, which the user claimed to have obtained from the Indian Council of Medical Research (ICMR). The data appears to have been part of the COVID-19 details with the ICMR. According to the report, the data samples have been verified and found to be actual data. Additionally, News18 reported that the threat actor put the data up for sale.

Countermeasures implemented

The Computer Emergency Response Team of India (CERT-In), a national cybersecurity agency, informed the ICMR about the data breach, and all senior officials of various agencies have been involved in ascertaining whether the Aadhaar details and other identifications have leaked or not. News18 further reported that to ensure damage control, standard SoP has been implemented. It is said that the Central Bureau of Investigation (CBI) is likely to launch an investigation into the matter once the ICMR files a complaint.