In a significant security breach, the System for Pension Administration Raksha (SPARSH) portal, India’s central web-based system for automating pension processes for defense personnel, including Army, Navy, Air Force, and civilian defense staff, has suffered a massive data leak.
Thousands of defense personnel’s sensitive information has been exposed in the SPARSH portal data leak, raising serious concerns about the privacy and security of those who have served in the nation’s defense forces.
The SPARSH portal, instrumental in managing pension-related procedures for Indian defense personnel, was developed by Tata Consultancy Services (TCS). TCS, known for its significant market capitalization, is recognized as one of India’s top IT companies and a globally esteemed IT service brand.
The SPARSH Portal data leak includes sensitive particulars such as usernames, passwords, URLs, and Pension Numbers, posing a grave threat to the privacy and financial security of the affected pensioners.
Notably, credentials granting access to this sensitive information have surfaced on Telegram, creating the potential for misuse and manipulation of crucial pension-related processes.
The information belonging to the SPARSH data leak is also reportedly being sold on a Russian marketplace, raising apprehensions about the possible involvement of Russian hacker groups. The leaked data, sized at 0.41Mb and priced at $9.00, is attributed to the malware ‘lumma’.
The exposed confidential details from the portal are primarily of personnel in Kerala. This adds an international dimension to the data breach, intensifying worries about the broader implications and potential misuse of the exposed data.
Following the SPARSH portal data leak, The Cyber Express team managed to access the exposed data and was able to log into the portal using the compromised credentials and gain unrestricted access to personal information.
Implications of the SPARSH Portal Data Leak
The SPARSH portal, an essential component of the Centralized Pension Disbursement System (CPDS), provides a range of features for defense pensioners. The SPARSH portal data leak poses severe implications for these key functionalities:
Pensioner Profile Management: The leaked data exposes the profiles of thousands of pensioners, including personal details and information about their dependents.
Pensioner Data Verification (PDV): The compromised data could undermine the accuracy of pensioner data, giving unauthorized individuals control over information sent to the Pension Sanction Authority.
Application Tracking: Pensioners’ ability to track their pension applications and receive real-time status updates is jeopardized, impacting the transparency of the pension disbursement process.
Pension Disbursement: The compromised data puts the direct transfer of pensions to the linked bank accounts of pensioners at risk, potentially affecting the financial stability of retirees.
Life Certificate Submission: Pensioners’ ability to submit life certificates through the portal for authentication, a crucial step for initiating pension requests, may be compromised.
The SPARSH portal, intended to simplify pension-related activities for defense pensioners, now faces scrutiny over its security measures. The Cyber Express has sought official statements and clarification from the Ministry of Defence and Tata Consultancy Services regarding the SPARSH portal security lapse.
This incident highlights critical vulnerabilities in the system responsible for handling the pensions of India’s defense community.
India’s Cybersecurity Struggles
This incident is part of a concerning trend involving cyber threats targeting Indian government portals. In 2023, an unidentified individual operating under the ominous pseudonym ‘dawnofdevil’ claimed responsibility for compromising the security of the Income Tax Department of India.
However, as of now, the claims of a data breach at the Income Tax Department by the threat actor are yet to be officially confirmed.
In a separate incident, the Phoenix hacker group, affiliated with the pro-Russia hacker group Killnet, asserted that they had conducted multiple cyberattacks on the Ministry of Health in India. The group also claimed to possess access to sensitive data concerning hospitals, staff, and chief physicians.
As per a post shared on their Telegram channel, the hacker collective asserted having gained unauthorized access to the systems of India’s Ministry of Health. Additionally, Indian taxpayers are facing risks, as reports of a data leak from an organization providing tax assistance have surfaced in the media.
According to threat intelligence received by The Cyber Express, a hacker forum user known by the username ‘Hacking’ publicly released Indian taxpayer data on September 27, 2023.
In light of these incidents, all SPARSH portal users are advised to promptly change their passwords as a precautionary measure and remain vigilant for any suspicious activities related to their pension accounts.
Furthermore, authorities must conduct a thorough investigation, enhance the portal’s security measures, and take swift action against those responsible for the SPARSH portal data leak.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.