An unidentified individual operating under the ominous pseudonym ‘dawnofdevil’ has claimed to have compromised the security of the Income Tax Department of India.
The implications of the Income Tax Department of India security breach are potentially vast, with concerns arising about the confidentiality and integrity of sensitive information housed within the department. However, at present, the claims of a data breach at the Income Tax Department by the threat actor are yet to be confirmed.
Income Tax Department of India on Radar
The threat actor, ‘dawnofdevil,’ asserts having acquired access to an email account hosted on the incometax.gov.in domain.
The hacker claims that the compromised email can be exploited for registrations on various Indian government-affiliated websites, exclusively those utilizing the ‘gov.in’ top-level domain.
According to a statement released by the hacking group, unauthorized access to an email account within the incometax.gov.in domain, directly linked to the Income Tax Department of India, is being offered for exploitation.
The threat actor has attached a price tag of US$500 to this unauthorized access and is actively encouraging potential buyers to establish contact through private channels.
Dawnofdevil also claims to have successfully tested the compromised email on multiple government-affiliated websites, confirming its efficacy in bypassing registration processes.
The Cyber Express Team has reached out to officials from the Income Tax Department to validate this claim; however, as of now, there has been no response from the department.
The compromised domain under scrutiny is incometax.gov.in, the designated official website of the Income Tax Department of India. Notably, at the time of composing this news report, it has been observed that the official website remains fully functional.
This unauthorized access not only poses a direct threat to the security of India, given the critical nature of the Income Tax Department as a government entity, but it also extends its impact beyond national borders. The Asia & Pacific (APAC) region is directly affected, considering the compromised domain’s association with an Indian government organization.
As the cybersecurity community investigates the extent of the Income Tax Department of India’s security breach, there is a heightened emphasis on reinforcing security measures to prevent further unauthorized access and to safeguard sensitive government information from potential misuse.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
