Details of 2.90 crore job seekers on dark net

Leaked data mentions two popular job sites

May 23, 2020 11:41 pm | Updated May 24, 2020 11:53 am IST - Mumbai

A screenshot of the job-seekers' data leaked on the dark web.

A screenshot of the job-seekers' data leaked on the dark web.

Personal details of about 2.90 crore Indian job seekers have been found dumped on the dark net, raising concerns among cyber crime agencies and experts in India over a massive data breach.

The data leak was uncovered on Friday by Cyble, Inc, a U.S.-based cyber intelligence firm founded by global cybersecurity expert Beenu Arora.

On Saturday morning, Cyble posted an update on its official blog that the names, addresses and contact numbers belonged to job seekers from cities such as Mumbai, Chennai, Delhi, Hyderabad, Pune and Bengaluru. The data is available for free download in a 2.3-gigabyte compressed file, according to the blogpost.

Screenshots of the leaked data, which are in The Hindu ’s possession, mention two well-known job portals: Naukri and Times Jobs.

Also read: Cyber crimes on the rise during pandemic, says U.N. disarmament chief

The blogpost said, “This breach includes sensitive information such as email, phone, home address, qualification, work experience, etc. Cybercriminals are always on the lookout for such personal information to conduct various nefarious activities such as identity thefts, scams, and corporate espionage.”

Mr. Arora told The Hindu that while Cyble hasn’t been able to attribute the source of the leak yet, they can say with a high degree of confidence that the leak appears to have occurred from a resume aggregator service.

Mr. Arora said, “A Russian-speaking threat actor is responsible for the leak, and it is likely that the data has been floating on the dark web for some time, unnoticed ... it’s possible that the leak was made to get attention and rapport in the dark web markets. This reminds us of the same strategy recently deployed by ShinyHunters, a known cybercriminal responsible for Tokopedia, Unacademy, Wishbone, Mathway, and other leaks.”

ShinyHunters leaked details hacked from Tokopedia, Indonesia’s largest online store, for free and later sold them for millions of U.S. dollars. Spurred by their success, ShinyHunters went on to target at least 10 more servers, including Unacademy, an Indian learning platform.

Cyble, in its blogpost, said it has acquired the leaked data and job seekers can register at AmIbreached.com, its data breach monitoring and notification service, to confirm if their information is part of the data. Mr. Arora said, “Based on current analysis, the information is quite detailed and invasive, and a desirable ingredient for cybercriminals.”

Indian cyber crime investigation agencies are also trying to trace the source of the leak and find out more about the hacker, sources confirmed. Balsing Rajput, Superintendent of Police (Maharashtra Cyber), said. “Data breaches have a serious impact on users, and criminals use the leaked data to commit various cyber attacks for financial gains or other motives. We are looking into the matter. Users need to update their passwords, opt for two-factor authentication and conduct regular security checks.”

Brijesh Singh, cyber expert and Special Inspector General of Police, said people can find out if their details have been hacked by checking websites like haveibeenpwned.com, which maintain databases of breached data. Mr. Singh said, “If you find that your data has been breached, check your bank and financial statements immediately. If you find any anomaly, report to the the bank/wallet/service provider and authorities without delay.”

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.