wordpress blog stats
Connect with us

Hi, what are you looking for?

Data breach: Aadhaar and passport details of 815 million Indians listed for sale

Investigators established contact with the hacker selling the database, and noted that the latter was willing to sell it for $80,000.

A database claiming to contain the Aadhaar number, passport number, and other personal details of 815 million Indians is listed for sale on BreachForums since October 9.

“To put this victim group in perspective, India’s entire population is just over 1.486 billion people,” cybersecurity firm Resecurity noted in its blog post, emphasising that this could be the largest data breach of personal data in the country. In the wrong hands, this data can be used for digital identity theft, which can further result in other cybercrimes like banking fraud.

Investigators with Resecurity established contact with the hacker selling the database and learned they were willing to sell it for $80,000. The hacker also shared spreadsheets containing four large leak samples with fragments of Aadhaar data as proof. The Resecurity team was able to identify valid Aadhaar IDs in the samples by cross-checking the same with UIDAI’s Verify Aadhaar feature. The authenticity of the entire database is however unverified.

It is not yet clear where this database leaked from. The hacker “declined to specify how they obtained the data. Without the threat actor disclosing the source of the data leak any effort to diagnose the cause of the beach will be speculative,” Resecurity noted. Some media outlets have attributed the leak to the Indian Council of Medical Research (ICMR), but ICMR has not confirmed the same. The Times of India reported that the government is probing this leak.

Article continues below ⬇, you might also want to read:

Other personal details apart from Aadhaar and passport numbers that the database claims to contain include:

  • name
  • fathers name
  • phone number
  • alternate number
  • age
  • gender
  • address
  • district
  • pincode
  • state
  • town

The size of the database is 90 GB.

“With more government agencies and companies hoovering up greater volumes of data now than ever, data leaks are almost inevitable. Any entity collecting such data should use data-centric security and deploy zero-trust protocols. Without a data security plan, we will continue to see sensitive personal information like health and financial data being breached.

This will lead to identity theft and other costs amounting to billions.

A swift probe and transparency from the ICMR and MEITY are essential to maintaining public trust.

If they cannot guarantee data security, the government should stop collecting PII for every interaction.” — Mishi Choudhary, Technology Lawyer and Online Civil Rights Activist

STAY ON TOP OF TECH NEWS: Our daily newsletter with the top story of the day from MediaNama, delivered to your inbox before 9 AM. Click here to sign up today!

Update (October 31, 12:30 pm): Added comment from Mishi Choudhary

Written By

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Factors like Indus not charging developers any commission for in-app payments and antitrust orders issued by India's competition regulator against Google could contribute to...


Is open-sourcing of AI, and the use cases that come with it, a good starting point to discuss the responsibility and liability of AI?...


RBI Deputy Governor Rabi Shankar called for self-regulation in the fintech sector, but here's why we disagree with his stance.


Both the IT Minister and the IT Minister of State have chosen to avoid the actual concerns raised, and have instead defended against lesser...


The Central Board of Film Certification found power outside the Cinematograph Act and came to be known as the Censor Board. Are OTT self-regulating...

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ