It has emerged that the Indian Council of Medical Research’s (ICMR) data bank contained over 81 crore Indians’ personal information, a startling discovery that shocked the whole country. The breach, which was uncovered by central intelligence agencies two months ago, presents grave questions regarding the protection of private data and the possible fallout for anyone who may be impacted.
The Arrests: Unraveling the Culprits’ Web:
Delhi Police recently made significant strides in the investigation by arresting four individuals connected to the data breach. The suspects, hailing from different states, revealed during questioning that they had not only targeted the ICMR but had also managed to infiltrate the data of the Federal Bureau of Investigation (FBI) and Computerised National Identity Card (CNIC), Pakistan’s equivalent of Aadhaar.
The arrested individuals, including a B.Tech degree holder from Odisha and two school dropouts from Haryana, claimed to have met on a gaming platform three years ago. Their motivations were purely financial, as they sought to exploit the stolen data for quick monetary gains.
The Breach and its Detection:
Intelligence officers first became aware of the breach in October, when they discovered the hacked data, which included passport and Aadhaar records, on the dark web. The extent of the leak alarmed people so much that it was reported right away to the Indian Computer Emergency Response Team (CERT-In), the national organization responsible for responding to cybersecurity threats.
Working with pertinent departments, CERT-In confirmed that the data leak was authentic. A sample of one lakh individuals was used in subsequent assessments to verify the accuracy of the data. Because of how serious the issue was, an investigation was conducted right away, and the four people who were responsible for the breach were apprehended.
The Cybersecurity Company’s Perspective:
American cybersecurity and intelligence firm Resecurity played a crucial role in uncovering the breach. In a blog post, Resecurity disclosed that on October 9, a threat actor named ‘pwn0001’ had posted a thread on Breach Forums offering access to 815 million ‘Indian Citizen Aadhaar & Passport’ records. Resecurity’s HUNTER unit identified millions of personally identifiable information records, including Aadhaar cards, being offered for sale on the Dark Web.
Highlighting the gravity of the situation, Resecurity stated that the data, although extensive, was valid and sensitive. The involvement of a reputable cybersecurity firm emphasizes the sophistication of the breach and the potential risks associated with the compromised information.
Government Response and Investigation:
Rajeev Chandrasekhar, the Union Minister of State for Electronics and IT, admitted that there were indications of a data leak but insisted that the information was not taken. He claimed that different departments managing data relating to Covid had databases with details on testing, immunization, diagnosis, and other related topics. The fact that multiple people were given access to these databases led to the breach.
The goal of the current inquiry is to learn more about the specifics of the breach and how the hackers were able to compromise such private data. A number of central agency officials are actively involved in the questioning process in order to obtain information about the strategies used by the cybercriminals.
Possible Impact and Concerns:
The scale and nature of this data breach raise significant concerns about the potential impact on individuals affected. With personal details, including Aadhaar and passport records, now available on the dark web, affected individuals may face risks of identity theft, financial fraud, and other malicious activities.
The breach’s fallout is not confined to India alone, as the stolen data reportedly includes information from the FBI and Pakistan’s CNIC. The international ramifications underscore the need for robust cybersecurity measures to safeguard sensitive information in an increasingly interconnected world.
Conclusion:
The ICMR data breach serves as a stark reminder of the vulnerabilities in our digital infrastructure and the critical importance of bolstering cybersecurity measures. As authorities delve deeper into the investigation, the collaboration with cybersecurity firms and international agencies becomes crucial in addressing the multifaceted challenges posed by cyber threats. This incident emphasizes the urgency for organizations and governments to continually enhance their cybersecurity protocols to protect the privacy and security of individuals in an era dominated by digital interactions.