City-based security wing of Quick Heal Technologies, Seqrite Cyber Intelligence Labs, has detected a data breach that could have potentially affect over 6,000 Indian organizations including Unique Identification Authority of India, Reserve Bank of India, Bombay Stock Exchange and Flipkart.
Unique Identification Authority of India (UIDAI) has clarified on Wednesday that there has been no security breach of any kind after a report by a security firm.
"We have alerted the government authorities well within time. If someone gets control over this massive data that is currently up for sale on DarkNet, the above-mentioned organizations and enterprises can get affected," Rohit Srivastwa, a Senior Director, Cyber Education, and Services at Quick Heal.
In a statement released by the Seqrite Cyber Intelligence Labs, the hackers did not reveal their identity, has asked for 15 Bitcoins (around Rs 41.89 lakh) for the information and is threatening to take down their network for an unspecified amount.
"Along with the access, the hacker is also selling credentials and various contractual business documents and claims to have access to a large database of Asia Pacific Network Information Centre (APNIC)," the statement further said.
After a detailed investigation, researchers found out that the hackers attacked Indian Registry for Internet Names and Numbers (IRINN), which comes under National Internet Exchange of India (NIXI). IRINN is the national internet registry agency which is responsible for IP address allocation, and other internet resources across the country.
"This could impact various content delivery network (CDN) and be hosting providers as well. If the hacker gets an interested buyer, then an attack on the system could disrupt Internet IP allocation and affect Internet services in India," Seqrite said.
The companies that might be affected y this hack include UIDAI, DRDO, RBI, ISRO, EPFO, Idea Telecom, Aircel, BSNL, Hathway, Sify, Tikona, BSE, Mastercard/ Visa, SBI, HDFC, ICICI Prudential Mutual Fund, BNY Mellon, IDBI Bank, Canara Bank, Flipkart, Ernst & Young, TCS, Wipro, VMWare, among others.
Unique Identification Authority of India (UIDAI) has clarified on Wednesday that there has been no security breach of any kind after a report by a security firm.
"We have alerted the government authorities well within time. If someone gets control over this massive data that is currently up for sale on DarkNet, the above-mentioned organizations and enterprises can get affected," Rohit Srivastwa, a Senior Director, Cyber Education, and Services at Quick Heal.
In a statement released by the Seqrite Cyber Intelligence Labs, the hackers did not reveal their identity, has asked for 15 Bitcoins (around Rs 41.89 lakh) for the information and is threatening to take down their network for an unspecified amount.
"Along with the access, the hacker is also selling credentials and various contractual business documents and claims to have access to a large database of Asia Pacific Network Information Centre (APNIC)," the statement further said.
After a detailed investigation, researchers found out that the hackers attacked Indian Registry for Internet Names and Numbers (IRINN), which comes under National Internet Exchange of India (NIXI). IRINN is the national internet registry agency which is responsible for IP address allocation, and other internet resources across the country.
"This could impact various content delivery network (CDN) and be hosting providers as well. If the hacker gets an interested buyer, then an attack on the system could disrupt Internet IP allocation and affect Internet services in India," Seqrite said.
The companies that might be affected y this hack include UIDAI, DRDO, RBI, ISRO, EPFO, Idea Telecom, Aircel, BSNL, Hathway, Sify, Tikona, BSE, Mastercard/ Visa, SBI, HDFC, ICICI Prudential Mutual Fund, BNY Mellon, IDBI Bank, Canara Bank, Flipkart, Ernst & Young, TCS, Wipro, VMWare, among others.