100 GB of Indians’ data up for sale on dark web

Representative photo   | Photo Credit: REUTERS

A fresh instance of Indians’ data being leaked on the dark net has come to light, with a massive data packet — nearly 100 gigabytes in size — being put up for sale in the dark web market. The data comprises scanned identity documents of over 1 lakh Indians, including passports, PAN cards, Aadhar cards, voter IDs and driver’s licenses.

The data was found by Cyble, a global cyber intelligence agency founded by cyber expert Beenu Arora, which has also found several other such instances in the recent past, including a massive packet of data of Indian job seekers from across the country. Cyble researchers, in a post on their official blog on Tuesday night, said that they came across a relatively non-reputable threat actor offering over 1 lakh identity documents for sale.

“With such a low reputation, ideally, we would have skipped this. However, the samples shared by the actor intrigued our interest, as also the volume. The actor claimed to have access to over 1 lakh IDs from different places in India, with the total size being over 100 GB,” Cyble’s post said.

Acquired by Cyble

Mr. Arora said that the entire data has subsequently been acquired by Cyble for approximately $4,800 in bitcoins. Samples of the data indicate that the documents are scanned copies of a wide variety of government-issued identity documents that prima facie seem to be legitimate.

“The actor appears to be a new player in the market and appears to be trying to establish itself by offering these significant leaks. We have verified their claim and it is naturally concerning. We are now investigating the source of this leak,” Mr. Arora said.

From a third party

Cyble researchers have till now not found any indications of this data having leaked from a government system, and believe that it came from a third party. Central and State cyber crime agencies have also taken note of the incident and have initiated their own inquiries.

“The instance might not even be a leak as such. It might simply be a packet of documents collected over time by elements who need to collect them as part of their day job, who also moonlight as cyber criminals. Any person working as an agent who helps people get official documents needs to collect their identity proof, and would have such a stash with them. The data in question might simply have been sold to the threat actor or hacked from such a person's server,” a cyber crime officer said.

Our code of editorial values

This article is closed for comments.
Please Email the Editor

Printable version | Jun 15, 2021 1:00:46 AM |

Next Story