Personal details of about 29 million Indian job seekers, including sensitive information such as their email, phone, home address, qualification, and work experience, among others were leaked on the dark web, according to cybersecurity intelligence firm Cyble. The data amounted to over 2 GB, and was posted by a threat actor (an individual or group who intend to disrupt security of another entity) in one of the hacking forums, the company said. Financial Express first reported this. The company has also discovered almost 2,000 compromised Aadhaar cards, and information on 1.8 million people from Madhya Pradesh in a similar forum (more on that below). “We usually see this sort of leaks all the time, but this time, the message header got our attention as it included a lot of personal details – where most of the things are generally static such as education, address etc.” Cyble said in a blog post. According to screenshots shared by Cyble, the compromised data showed files from Delhi, West Bengal, Karnataka, Pune, Tamil Nadu, Bengaluru, Mumbai, Chennai and Ahmedabad, among others. The company initially associated the compromise to a resume aggregator given the “sheer volume and detailed information”, but was later tipped off that the data could have originated from an unprotected elastic search instance. The same tip off also informed Cyble that the instance is longer available, and the company was investigating this claim. Elastic Search is an open source search engine which can index document files in diverse formats. On Sunday, Cyble found…
