Aadhaar, the unique identification number issued to every Indian citizen, has recently made headlines for all the wrong reasons. There are alarming reports suggesting that the personal information of approximately 815 million citizens was illicitly accessed by hackers through the Indian Council of Medical Research (ICMR) website, which maintains records of Covid-19 vaccination details for the public.

The ICMR fell victim to a security breach in September of this year. Allegedly, an actor known as ‘pwn001’ gained unauthorized access to this data and subsequently posted it in a discussion thread on Breach Forums.

The breach is particularly concerning as the hacker claims to have sourced data on over 81.5 crore (815 million) Indian residents from a website related to citizen information. To put this into perspective, the leaked data pertains to roughly half of India’s total population, which stands at a staggering 144 crore citizens, or 1.40 billion people.

What makes this UIDAI data breach even more troubling is the wealth of information the hacker managed to obtain. In addition to Aadhaar numbers, the breach includes names, phone numbers, addresses, and passport data of Indian citizens. Such comprehensive personal information can potentially be exploited by cybercriminals to orchestrate phishing attacks and other malicious activities.

In response to this alarming breach, the Information and Broadcasting Ministry of India has reported that the Central Bureau of Investigation (CBI) is currently investigating the details of the data breach. The CBI launched this inquiry following a complaint filed by the ICMR. The Ministry has pledged to provide further information once a thorough investigation has been completed.

It is worth acknowledging the efforts of Resecurity, a cybersecurity firm based in Los Angeles, for initially bringing this significant breach to public attention. Their responsible disclosure of this information through proper channels has played a crucial role in shedding light on this serious security incident.

The post India witnesses biggest data breach of Aadhaar details via ICMR appeared first on Cybersecurity Insiders.

In recent times, our focus has been on reporting the aftermath of cyber attacks and the challenges faced by their victims. In this article, we will shift our attention to the cyber attacks that have left a significant impact on millions and billions of online accounts.

1.) Yahoo: Back in September 2018, Yahoo, a pioneer in the world of online search engines, made a troubling announcement. A cyber incident had occurred, resulting in a massive data breach that exposed information from over 3 billion user accounts. It was later revealed that hackers had gained access to data stored on the servers between August 2013 and December 2016. This breach dealt a severe blow to the company’s reputation, prompting its potential buyer, Verizon, to negotiate a lower acquisition price. This incident also led to the resignation of the then-CEO, Marissa Mayer, following the acquisition process.

2.) Aadhaar: Early in 2018, the Indian government faced a significant embarrassment when several media outlets reported that a hacking group had successfully infiltrated and stolen data from over 1.1 billion UIDAI (Unique Identification Authority of India) accounts. Although the Indian Parliament dismissed these claims as sensationalized journalism, some security experts corroborated that the incident had indeed exposed biometric information.

3.) Alibaba Data Theft: The year 2020 witnessed a troubling incident involving Chinese e-commerce giant Alibaba. A developer managed to illicitly access and steal information from a staggering 1.1 billion Alibaba customers using a crawler software. Reports circulated that the developer, in collusion with a marketing company, orchestrated this data collection over an 8-month period. However, it was later clarified that the compromised data pertained to the shopping website Taobao and had no direct connection to Alibaba itself.

4.) LinkedIn: Known as a professional networking platform, LinkedIn became the subject of headlines when data linked to approximately 700 million users appeared for sale on the dark web in June 2021. Subsequent investigations uncovered that the data originated from a marketing firm that had scraped information from LinkedIn users spanning the years 2009 to 2020. Contrary to initial reports, this dataset was not fresh, new information.

5.) Facebook: In May 2021, Facebook, under the leadership of Mark Zuckerberg, found itself in the news as data from 533 million users surfaced on the dark web. Troy Hunt of HaveIBeenPwned and his research team revealed that this information had been harvested between 2017 and 2019 from the platform. The compromised data encompassed account names, phone numbers, and Facebook IDs. The fate of this data—whether it was sold on the dark web for potential phishing attacks—remains uncertain.

6.) Marriott International: Luxury hotel chain Marriott International faced a significant breach in September 2018, as details emerged about hackers accessing data from over 500 million Starwood customers. This sophisticated attack, traced back to unauthorized parties since 2014, led to the exposure of information such as mailing addresses, names, phone numbers, email addresses, passport numbers, Starwood Preferred Guest account particulars, dates of birth, gender details, guest arrival and departure specifics, as well as reservation details including itineraries derived from transportation service data.

7.) Adult Friend Finder: Making headlines in October 2016, hackers executed an unexpected breach, compromising data from users of Adult Friend Finder across six databases that had been collecting information since 2001. In November 2016, LeakedSource.com published data relating to over 413 million accounts, which was subsequently purchased by a representative from an adult-oriented company in March 2020.

8.) MySpace: In 2016, MySpace came under scrutiny as hackers successfully exfiltrated data from more than 360 million accounts. The stolen data was later sold for 6 BTC in 2017, a fact confirmed by LeakedSource.com.

9.) NetEase: The year 2015 witnessed a significant data breach affecting email service provider NetEase. It was estimated at that time that the company suffered a loss of data pertaining to approximately 235 million accounts. This compromised data was ultimately procured by a vendor named DoubleFlag from the dark web.

10.) Adobe: In October 2013, American software services provider Adobe issued a disconcerting statement. Hackers had managed to pilfer information from over 153 million user accounts, including some credit card data and login credentials. The company faced consequences for failing to safeguard user data, resulting in a penalty of $1.1 million for violating customer records regulations. In an effort to avert legal complications, Adobe subsequently released an official statement confirming a settlement of $1 million with its affected customers.

The post Cyber Attacks that impacted billions and millions of online accounts appeared first on Cybersecurity Insiders.

Aadhaar is a unique identification number given to each citizen of India, comparable to the Social Security number used by the American populace. The Indian government has assigned the duty of protecting citizens' Aadhaar data to the Unique Identification Authority of India (UIDAI), which handles the implementation, association, and application of the number for every person among the Indian populace.

Sensing a threat from state-funded cyberwarfare over the internet, the Aadhaar authority has invited applications from at least 20 hackers who can help protect its website and resources from state-funded hackers and individuals.

However, the selection process will be unique, as the government organization wants applications only from candidates who are listed in the top 100 of bug bounty leaderboards such as those of Bugcrowd and HackerOne. Those who are associated with tech companies like Microsoft, Google, and Facebook and who received a bounty in the last year will be given additional preference after careful evaluation.

The call for hackers has been made in the wake of allegations surfacing in the Chinese media about Indian hackers trying to hack the critical infrastructure of Pakistan using Chinese source codes. China warned of a cyber-war in the near future in retaliation for such activities, which in reality did not take place.

UIDAI authorities fear that a state-funded hacking group could infiltrate the IT infrastructure of the database holding the citizenship IDs given to Indians, through which it could later source other details such as bank account numbers, property details, movable and immovable property info, PAN details, and government subsidies availed by Indian citizens.

An independent committee has been appointed to verify the candidates’ backgrounds, achievements, and past bug-hunting records, as they will handle sensitive databases.

Cyber Swachhta Kendra, which keeps a tab on malicious activities targeting government infrastructure, stated that the ‘probables’ will be asked to sign a Non-Disclosure Agreement (NDA) and will need to follow stipulations framed by UIDAI while on the project.

NOTE: In September 2021, Recorded Future Inc, a cybersecurity firm from Massachusetts, stated that a Chinese state-sponsored hacking group had infiltrated the database of UIDAI to access and siphon private biometric info of over 1 billion citizens. However, the agency denied these allegations and gave assurances that the data of all Indian citizens was safe.

The post India seeks hackers help to protect UIDAI Aadhaar Data of Citizens appeared first on Cybersecurity Insiders.