Cyber security solutions company Seqrite, along with its partner seQtree detected and notified the Indian government about a possible breach of India’s National Internet Registry - IRINN (Indian Registry for Internet Names and Numbers), the company informed via a blog post. Apparently, the hacker(s) had advertised "access to the servers and database dump of an unspecified Internet Registry" on a Darknet platform, which Seqrite and seQtree identified as IRINN. IRINN "provides allocation and registration services of Internet Protocol addresses (IPv4 & IPv6) and Autonomous System numbers," according to its official website. It is part of NIXI (National Internet Exchange of India), which "is the neutral meeting point of the ISPs in India with the primary objective being the facilitation of exchange of domestic Internet traffic between peering ISP members." The sequence of events as described by Seqrite: Upon noticing the broadcast advertisement, seQtree and Seqrite teams started gathering background research on the actor but did not yield any concrete information. But the team didn’t get any relevant data even after conducting deep research and it appeared that this actor’s persona was created recently. This is an ongoing trend that the team has noticed with recent data breaches. The team then contacted the actor for further details, posing as an interested buyer. Initially the actor was not willing to disclose the name of affected Internet Registry, however, later he agreed to share a small sample of email list from the allegedly compromised database. In the sample, the team noticed email address of a prominent Indian technology firm and another email…
