In the ongoing battle to secure the cyber realm, the emergence of new hackers continues unabated, constantly innovating methods to breach the digital boundaries that safeguard your online world. A new hacking collective known as "dawnofdevil" has emerged as a potent threat to various Indian entities, with a particular focus on government organisations. This group, operating discreetly within the confines of BreachForums, has boldly asserted its successful infiltration into the security apparatus of the Income Tax Department of India. The potential compromise of sensitive information within this governmental body raises significant concerns about data confidentiality and the potential for unauthorised access to various affiliated websites.
Operating under the pseudonym "dawnofdevil," an unidentified individual has boldly claimed to breach the robust security infrastructure of the Income Tax Department. The purported breach involves gaining unauthorised access to an email account hosted on the incometax.gov.in domain, a development that could potentially open avenues for unauthorised registrations on a range of government-affiliated websites. Adding to the gravity of the situation, the hacker is actively seeking buyers for this compromised email access, attaching a price tag of US$500 to the illicit offering.
Expanding their cyber activities, dawnofdevil has recently made waves by claiming a successful breach of Hathway, a prominent broadband and cable TV service provider in India. The hacker boasts of obtaining personal data from a staggering 41.5 million customers, comprising names, addresses, phone numbers, and even password hashes. This extensive dataset is being offered for sale at a substantial price of US$10,000. Furthermore, the hacker asserts control over access to MySQL and Oracle databases, totaling over 400 GB of data spread across more than 800 tables with production data. Additionally, the claim includes possession of 4 million+ KYC documents, containing sensitive details like full names, Aadhar numbers, PAN cards, and other national ID information.
To underscore the magnitude of the breach, dawnofdevil has shared samples of the compromised data, revealing the depth and variety of information at risk. In a move to facilitate the sale of this illicit information and enable targeted searches, the hacker has established a Tor site. This dark web portal allows individuals to search for specific data entries using mobile numbers and email addresses.
The implications of these security breaches are profound, necessitating a comprehensive understanding of the potential risks involved. As investigations unfold, there is an urgent need to employ the importance of robust cybersecurity measures. The broader community, both organisations and individuals alike, should remain vigilant in the face of these evolving cyber threats, taking proactive steps to safeguard sensitive data and mitigate the risks associated with unauthorised access. Stay tuned for ongoing updates as the alleged organisations look closely into the investigation, and the cybersecurity world continues to make developments.