Indian blue-collar worker database, eMigrate, in the hands of hackers: Report

A hacker claims to be selling a database from Indian government’s portal for blue-collar workers that comes under the Ministry of External Affairs  

Published - June 28, 2024 02:36 pm IST

A hacker is claiming to have access to an extensive database associated India’s eMigrate portal.

A hacker is claiming to have access to an extensive database associated India’s eMigrate portal. | Photo Credit: MUSTAFAH KK

A hacker is claiming to have access to an extensive database associated with the Indian government’s portal for blue-collar workers emigrating from the country.

The database reportedly associated with the eMigrate portal contains full names, email addresses, phone numbers, dates of birth, mailing addresses and passport details of individuals who allegedly signed up to the portal, TechCrunch reported.

eMigrate, launched by the Ministry of External Affairs, helps Indian labour emigrate overseas. The portal also provides clearance tracking and insurance services to migrant workers.

The database on sale on a known cybercrime forum appears to be genuine, and even contains the information of an Indian government’s foreign ambassador.

(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)

While it is unclear if the data was obtained directly from the eMigrate portal or was obtained by the threat actors in a previous breach, they claim to have access to at least 200,000 internal and registered user entities.

India’s Computer Emergency Response Team (CERT-In) said it is taking appropriate actions with the concerned authority, while the ministry of external affairs is yet to comment on the issue, the report said.

This is not the first time India’s government portals faced allegations of data leaks. Earlier this year, an Indian state government website was found exposing sensitive documents and personal information of millions of residents. In May, scammers were found to have tricked government websites into placing advertisements on government websites that redirected users to online betting platforms.

The impact of such data breaches is difficult to quantify. However, data breaches could have profound effects on users whose personal information was exposed. Personal information sold on hacker forums is often used by threat actors to launch phishing attacks, perform identity theft and compromise the financial security of users.

“Personal data is its own form of digital currency on the internet and breaches cost organizations a significant amount. The breaches impacting organizations and government entities are what the public sees front and center, but the impact on the end user isn’t as visible.” Satnam Narang, sr. staff research engineer, Tenable said.

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.