Cybersecurity professionals are debating over the authenticity of what has been called India’s biggest data leak. The alleged Indian COVID data leak comprises personal information from nearly 815 million people sourced from the Indian Council of Medical Research (ICMR).
Expressing doubts over the source of the Indian COVID data leak, Falcon Feeds, a threat intelligence platform ascertained that they strongly believed that the information was not from ICMR.
The ICMR is a government organization that conducts biomedical research among others and has been known as one of the oldest medical research centers in the world.
Speculations Over Indian COVID Data Leak
According to initial reports, the Indian COVID data leak was noticed by a US-based cybersecurity firm Resecurity. They found that a user on a breach forum going by the alias pwn0001 posted about selling information of 815 million Indians. This included passports, government-issued scheme details from their Aadhaar card and more.
However, this claim soon garnered negation in the hands of the threat intelligence platform Falcon Feeds. They tweeted stating, “We strongly believe that the speculation labeling this data as India’s COVID data or data from ICMR is incorrect.”
Questioning the data type, they added, “The seller has not identified this as medical data, and initial reports suggesting this were based on speculation.”
The initial reports by another news media confirmed that the Computer Emergency Response Team of Ind (CERT-In) informed ICMR about the ICMR data leak. They stated that besides alerting the ICMR, CERT-In informed about the verification of sample data found on the dark web.
The details did match the actual data stored with the ICMR following which all major agencies were called to investigate what has become known as India’s biggest data leak.
Concluding the speculations over the source of data, Falcon Feeds stated that there was a high probability that the data originated from another source.
Regardless of the source of data questioned by security researchers, it can be confirmed that the hacker forum user did post samples of data with Aadhaar details as proof. It is critical that the massive data leak of Indian citizens is thoroughly investigated and exposed data deleted to prevent further abuse.
The hacker forum user posted about the Indian COVID data leak on October 9 claiming that the data amounts to 90GB. “Never sold this data anywhere or anyone before it’s latest private data,” they wrote in the post.
The hacker forum user noted that the among the 815 million people data included names, phone numbers, Aadhaar number, gender, and addresses. Noting the source of the data, the initial news report read, “The ‘threat actor’ claimed the data — extracted from the Covid-19 test details of citizens — was sourced from ICMR.”
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
