The personal information of over 815 million people in India has reportedly been leaked online. Hackers are offering for sale the personally identifiable information (PII) of Indian residents, including data from Aadhaar identity cards. The threat actor, known as “pwn0001,” claims to have records of 815 million individuals, including Aadhaar and passport information, names, phone numbers, and addresses. The data is believed to have been exfiltrated from information submitted to the Indian Council of Medical Research (ICMR) during Covid-19 tests. The ICMR has not confirmed the breach. Analysts have verified the authenticity of the stolen Aadhaar records. This data leak comes at a particularly unfortunate time for Indian authorities, as a similar vulnerability was recently discovered on a government website. If such data breaches continue, public trust in authorities to protect personally identifiable and biometric data may suffer.
1. The personal information of over 815 million people in India has been leaked online.
2. Hackers are offering the data for sale, which includes Aadhaar and passport information, names, phone numbers, and addresses.
3. The data is believed to have been obtained from information submitted to the ICMR during Covid-19 tests.
4. The authenticity of the stolen Aadhaar records has been verified.
5. This data leak follows a recent vulnerability found on an Indian government website, which may have exposed residents’ data as well.
6. Continued data breaches may erode public trust in authorities’ ability to protect personal and biometric data.