https://images.moneycontrol.com/static-mcnews/2019/08/Cyber-Security-Security-Hacking-Coding-Hacked-2972105-770x433.jpg?impolicy=website&width=770&height=431
Representative image

Personal data of 2.9 crore Indian job seekers leaked on dark web: Report

The same threat actor who leaked the Aadhaar card details later dropped details of 18 lakh residents of Madhya Pradesh for free on May 19.

by

Personal data of more than 29 million Indian job seekers has reportedly been leaked on the dark web. The leaked information includes details like email, home address, qualification, work experience, etc.

The source of this data breach is yet to be traced, but cybersecurity intelligence firm Cyble believes it could be from one of the job search aggregator websites. The report further states that all the leaked data was posted in a 2.3 GB zipped file on a hacking forum by a threat actor and is available for free.

As mentioned earlier, the leaked data includes sensitive information such as email, phone, home address, qualification, work experience etc. “We usually see this sort of leaks all the time, but this time, the message header got our attention as it included a lot of personal details – where most of the things are generally static such as education, address etc,” Cyble said in its blog post.

The report includes screenshots of some of the breached data from the file, suggesting the data could be from Delhi, Mumbai, Bangalore, Tamil Nadu, etc. It appears to have originated from a resume aggregator given the sheer volume and detailed information. 

The cybersecurity firm later received a tip claiming that the data could have originated from an unprotected elastic search instance — a tool that aggregates or indexes data in various formats from multiple locations based on a set of rules set up by the hacker/ source.

Cyble, on May 24, also found close to 2,000 Aadhaar card details on a hacking forum. “We are not sure of how this leak happened. There is a known perpetrator who just decided to drop this. In terms of the leak itself, it has approximately 2,000 Aadhaar cards. A large number of files appear to have originated from 2019, and several IDs were scanned from mobile cameras, and often transferred to other parties via WhatsApp. It’s highly likely that more IDs may have been compromised, and the perpetrator decided to share only a small subset. We are still looking into this further,” Cyble founder Beenu Arora told The Hindu.

The same threat actor who leaked the Aadhaar card details later dropped details of 18 lakh residents of Madhya Pradesh for free on May 19. “The claim made by the anonymous entity that unprotected Elastic search instance was the root cause behind the job seeker data leak is unverifiable at this stage, as we haven’t been given the technical evidence yet. We are approaching other research communities to gather more facts,” Arora said.

Moneycontrol Ready Reckoner
Now that payment deadlines have been relaxed due to COVID-19, the Moneycontrol Ready Reckoner will help keep your date with insurance premiums, tax-saving investments and EMIs, among others.
Download a copy