In a recent update a US-based cyber threat intelligence company Cyble has announced a major leak of Indian National IDs over the dark web. The firm mentioned in its report that there are over 110,000 national IDs available in the dump. They acquired a sample of 1000 IDs and confirmed that they are indeed Indian National IDs, including passport, PAN card, voters card, Aadhaar, driver license and more.
During the investigation, Cyble noted that the files originated from data collected from 2017 to 2020. The firm is determining the source of the leak. In the last four weeks, the researchers at Cyble are on the edge of their seats as major data leaks have taken place including Weibo accounts, credit card information, Truecaller user dump, personal information of Indian job seekers, and more.
In this instance, the firm said that a non-reputed actor is claiming to have access to over 100,000 national IDs from different locations in India. The total size is believed to be over 100 GB. Though the actor has a low reputation and in general such claims get skipped by the experts, this particular leak is sensitive as the data dump has national IDs and that too in large volume.
Source of the national IDs leak is a non-government entity
In its initial investigation, Cyble found out that the data came from a third-party source. There are no indications that the data was leaked from a government system. The researchers are working extensively and should be able to provide more details about the leak in the next few days. The researchers pointed out that they have learned about a surge in banking and KYC scams in India. This leak may be used by scammers to target individuals, especially elders and technologically naive.
Cyble is a well-reputed US-based cyber threat intelligence company that was formed with a mission to provide organizations with real-time information about cyber threats and risks. They help individuals and organizations to access and secure their system from potential attacks and hacks.