Massive ICMR Data Breach Exposes Personal Details of Over 81.5 Cr Indian Citizens

The breach was exposed when US cybersecurity firm Resecurity discovered a threat actor known as 'pwn0001' selling access to 815 million 'Indian Citizen Aadhaar and Passport' records on Breach Forums.

In a massive data breach, the personal details of more than 81.5 Cr citizens linked to the Indian Council of Medical Research (ICMR) have surfaced on the dark web, including sensitive information such as Aadhaar and passport details, names, phone numbers, and addresses.

This alarming incident has prompted the Central Bureau of Investigation (CBI) to step in for a thorough investigation following a formal complaint from the ICMR.

The breach came to light when the US-based cybersecurity and intelligence firm Resecurity identified a threat actor named 'pwn0001' offering access to 815 million 'Indian Citizen Aadhaar and Passport' records on Breach Forums.

Cybersecurity analysts verified the authenticity of the breach by examining a sample of 100,000 records containing personally identifiable information (PII) related to Indian residents. They even cross-referenced Aadhaar Card IDs through a government portal's "Verify Aadhaar" feature.

The threat actor was reportedly willing to sell the entire dataset, consisting of Aadhaar and Indian passport details, for a staggering $80,000 (over INR 66 Lakh). However, the source of the data remains undisclosed.

This incident follows a recent breach of the Ministry of AYUSH's official website in Jharkhand, where over 3.2 Lakh patient records were exposed on the dark web.

The compromised data, amounting to 7.3 MB, contained sensitive patient information, medical diagnoses, and data about healthcare providers, including their personally identifiable information, login credentials, usernames, passwords, and phone numbers. The breach was attributed to a threat actor known as "Tanaka."

According to reports, last year witnessed over 6,000 hacking attempts on the ICMR website, indicating the persistent threat posed by cybercriminals.

The ICMR data breach has raised serious concerns regarding the security of personal information in the digital age. As investigations proceed, it becomes essential for organisations and authorities to bolster cybersecurity measures to safeguard sensitive data and protect citizens from data breaches and cyber threats. Cybersecurity awareness and vigilance remain crucial components in the ongoing battle against cybercrime.

Recently, in a similar development, a significant breach in the security of Noida-based Redcliffe Labs, a prominent Indian diagnostic centre, resulted in the exposure of more than 1.2 Cr medical records, including sensitive patient information. The breach was discovered by cybersecurity researcher Jeremiah Fowler, who found an unprotected database housing extensive medical data.

This breach adds to a series of cyberattacks targeting India's healthcare system, including a malware attack on the All India Institute of Medical Sciences Delhi on June 6. Fortunately, the institute's cybersecurity systems successfully neutralised the threat.

In response to this cyber attack at AIIMS, New Delhi, the Postgraduate Institute of Medical Education and Research (PGIMER) in Chandigarh took proactive steps by initiating an audit of its Hospital Information System (HIS) last month.

This move positioned PGIMER as a pioneering medical institute of national importance in India to undertake such an audit. The primary objective of this audit is to assess potential vulnerabilities in PGIMER's systems and enhance its cybersecurity measures to safeguard against future cyber threats.