Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Indian Government hacked. Show all posts
Third-Party Risks
Biometric data biometric vulnerability Data Breach Data Leak Hackers attack Indian Government Indian Government hacked personal information exposure Third-Party Risks

Massive Data Breach Exposes Sensitive Information of Indian Law Enforcement Officials

 

Recently, a significant data breach compromised the personal information of thousands of law enforcement officials and police officer applicants in India. Discovered by security researcher Jeremiah Fowler, the breach exposed sensitive details such as fingerprints, facial scans, signatures, and descriptions of tattoos and scars. Alarmingly, around the same time, cybercriminals advertised the sale of similar biometric data on Telegram. 

The breach was traced to an exposed web server linked to ThoughtGreen Technologies, an IT firm with offices in India, Australia, and the United States. Fowler found nearly 500 gigabytes of data, encompassing 1.6 million documents dating from 2021 to early April. This data included personal information about various professionals, including teachers, railway workers, and law enforcement officials. Among the documents were birth certificates, diplomas, and job applications. 

Although the server has been secured, the incident highlights the risks of collecting and storing biometric data and the potential misuse if leaked. “You can change your name, you can change your bank information, but you can't change your actual biometrics,” Fowler noted. This data, if accessed by cybercriminals, poses a long-term risk, especially for individuals in sensitive law enforcement roles. Prateek Waghre, executive director of the Internet Freedom Foundation, emphasized the extensive biometric data collection in India and the heightened security risks for law enforcement personnel. 

If compromised, such data can be misused to gain unauthorized access to sensitive information. Fowler also found a Telegram channel advertising the sale of Indian police data, including specific individuals’ information, shortly after the database was secured. The structure and screenshots of the data matched what Fowler had seen. For ethical reasons, he did not purchase the data, so he could not fully verify its authenticity. In response, ThoughtGreen Technologies stated, “We take data security very seriously and have taken immediate steps to secure the exposed data.” 

They assured a thorough investigation to prevent future incidents but did not provide specific details. The company also reported the breach to Indian law enforcement but did not specify which organization was contacted. When shown a screenshot of the Telegram post, the company claimed it was “not our data.” Telegram did not respond to requests for comment. 

Shivangi Narayan, an independent researcher, stressed the need for more robust data protection laws and better data handling practices by companies. Data breaches are so frequent that they no longer shock people, as evidenced by a recent face-recognition data breach involving an Indian police force.

Globally, as governments and organizations increasingly use biometric data for identity verification and surveillance, the risk of data leaks and abuse rises. For example, a recent face recognition leak in Australia affected up to a million people and led to a blackmail charge. It also has to be noted that many countries are looking at biometric verification for identities, and all of that information has to be stored somewhere. If they decide to farm it out to a third-party company, they lose control of that data.
Read more »
Pakistan Haxors CREW
Defaced Website hacker news Indian Government hacked Pakistan Haxors CREW

Official websites of Taj Mahal and Agra Fort hacked by Pakistani hackers


The Pakistani hackers continue to target Indian Government and other websites.  'Pakistan Haxors Crew' is to be one of the most active groups that targeting Indian websites.

Today, the hacker known as 'H4$N4!N H4XOR' from the group hacked into one of the popular Indian Government websites ; The main page of Taj Mahal website(www.tajmahal.gov.in) is now displaying the Pakistan's flag.

The message posted on the defaced page reads follows:
"Whatever you fail to detect, will cause your downfall..Pakistan Haxors Crew is here to remind you of your Security.. Our fight is not against any individual but the system as whole"

It is not the only website defaced in the recent attack. The group also changed the contents of other popular government websites including Agra Fort official site(agrafort.gov.in) and Fatehpur Sikri site.

While other sites are modified to display the hacker's content in the front page of the site, hackers have placed their defacement page in Fatehpur Sikrisite at "http://fatehpursikri.gov.in/r00t.html"  

At the time of writing, all of the affected websites still display the contents modified by the hackers. 
Read more »
Malware Attack
Cyber Crime Cyberattack Featured Indian Government hacked Malware Attack

Biggest Cyber attack in India's history, 10k Indian government emails hacked


Indian Government have suffered one of the biggest cyber attack in the country's history. Hackers managed to compromise more than 10,000 email address of top government officials.The attack occurred on July 12 this year.

The cybercriminals managed to steal email IDs belong to official working at the Prime Minister's office, Defence, external affairs, finance ministries and Intelligence agencies.

The attack occurred on July 12 this year, four days after the government was warned by the National Critical Information Infrastructure Protection Centre (NCIIPC).

According to Indian Express, News of the attack was confirmed by officials of intelligence and enforcement agencies at a day-long NCIIPC meeting in New Delhi this week.
Read more »
Subscribe to: Posts (Atom)