We just came across a very shocking news for Indian Government and Citizen both. Pune based popular security company Quickheal reported that critical data from more than 6000 establishments, businesses, and organizations including UIDAI, BSE, RBI, ISRO have been hacked and is available to purchase on Darknet.
Now the surprising thing is that the Government officials who are managing the whole Internet thing in India have denied any such reports of data leak.
Quickheal’s Seqrite’s Cyber Intelligence Labs has traced this shocking info with its partner, seQtree InfoServices. They reported that over 6000 ISPs, Government, and Private Organisations have been affected and their data is available on sale.
They contacted the seller and obtained the sample data to verify. They found working email addresses in the sample database and these email addresses belong to several big Private and Government organizations. They found that India’s National Internet Registry is the affected organization that comes under Nixi.
The seQtree also claimed that data can also be used to disrupt Internet IP allocation and in-turn affect Internet services in India.
Nixi has contacted the companies affected and they have also reported this to NCIIPC (National Critical Information Infrastructure Protection Centre).
The hacker is looking for a buyer to sell this data. The buyer can use this for mass disruption. Some of the companies affected are Flipkart, Ernst & Young (E&Y), TCS, Wipro, Indian Space Research Organisation, Mastercard/Visa, Spectranet, Hathway, IDBI Bank, UIDAI, DRDO, and Zoho.
The person is selling the data for 15 bitcoins. This data includes usernames, email ids, passwords, organization name, invoices. billing documents, and few more important fields.
Misuse of this data can affect the organization badly. So, it should not be treated in a light way and there must be a proper investigation.
