wordpress blog stats
Connect with us

Hi, what are you looking for?

Personal data of about 29 million Indian job seekers leaked on the dark web, claims cybersecurity firm

Personal details of about 29 million Indian job seekers, including sensitive information such as their email, phone, home address, qualification, and work experience, among others were leaked on the dark web, according to cybersecurity intelligence firm Cyble. The data amounted to over 2 GB, and was posted by a threat actor (an individual or group who intend to disrupt security of another entity) in one of the hacking forums, the company said. Financial Express first reported this. The company has also discovered almost 2,000 compromised Aadhaar cards, and information on 1.8 million people from Madhya Pradesh in a similar forum (more on that below).

“We usually see this sort of leaks all the time, but this time, the message header got our attention as it included a lot of personal details – where most of the things are generally static such as education, address etc.” Cyble said in a blog post. According to screenshots shared by Cyble, the compromised data showed files from Delhi, West Bengal, Karnataka, Pune, Tamil Nadu, Bengaluru, Mumbai, Chennai and Ahmedabad, among others.

The company initially associated the compromise to a resume aggregator given the “sheer volume and detailed information”, but was later tipped off that the data could have originated from an unprotected elastic search instance. The same tip off also informed Cyble that the instance is longer available, and the company was investigating this claim. Elastic Search is an open source search engine which can index document files in diverse formats.

On Sunday, Cyble found close to 2,000 Aadhaar cards in one of the hacking forums, and said that given the file name the file seems to have originated in 2019. The company associated it with the threat actor who recently leaked data of 1.8 million of people from Madhya Pradesh. It isn’t clear when the data related to residents of Madhya Pradesh was leaked, but according to the Hindu, Cyble discovered the leak during its investigations into the jobseeker data. The report said that authorities have initiated investigations into the matter. We have reached out to Cyble for more information on this.

In April, Cyble had discovered more than 500,000 Zoom accounts put up on sale on the dark web and hacker forums. Credentials including people’s email address, password, personal meeting URL, and HostKey (a 6-digit PIN tied to a person’s Zoom account), could be purchased for less than a rupee, and in some cases, even for free.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

News

As businesses and individuals moved online, cyber criminals and fraudsters were able to hone in their skills and target a wider range of people...

News

Sensitive card data belonging millions of Indians has been compromised and leaked on the dark web due to a security comprise at a server...

News

The Payment Card Industry Data Security Standard (PCI-DSS), the international body for card security, is working on updating security standards for card and mobile...

News

The Reserve Bank of India (RBI) will introduce new Digital Payment Security Controls for regulated entities, to enhance the adoption of digital payments platforms...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2018 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to Daily Newsletter

    © 2008-2018 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ