Saturday , May 10 2025

Covid-19 Test Info
Massive data breach exposes 81.5 crore Indians’ details

Details of 81.5 crore Indians linked to the Indian Council of Medical Research (ICMR) are reportedly being sold in India’s largest data leak case. The Central Bureau of Investigation (CBI), India’s top investigative agency, is likely to investigate the matter once ICMR files a complaint.

YouTube geo-blocks at least 4 Bangladeshi TV channels in India

YouTube has restricted access to at least four Bangladeshi television channels in India following a takedown request from the Indian...
Read More
YouTube geo-blocks at least 4 Bangladeshi TV channels in India

Microsoft Patches Four Critical Azure and Power Apps Vulns

Microsoft has fixed critical vulnerabilities in its core cloud services, including Azure Automation, Azure Storage, Azure DevOps, and Microsoft Power...
Read More
Microsoft Patches Four Critical Azure and Power Apps Vulns

Qilin Ransomware topped April 2025 with 45+ data leak disclosures

The cyber threat landscape is rapidly changing, with a notable increase in ransomware activity in April 2025, driven by the...
Read More
Qilin Ransomware topped April 2025 with 45+ data leak disclosures

SonicWall Patches 3 Flaws in SMA 100 Devices

SonicWall has released patches for three security flaws in SMA 100 Secure Mobile Access appliances that could allow remote code...
Read More
SonicWall Patches 3 Flaws in SMA 100 Devices

Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed

From April 2024 to April 2025, Flashpoint analysts noted that the financial sector was a major target for threat actors,...
Read More
Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed

Critical (CVSS 10) Flaw in Cisco IOS XE WLCs Allows RRA

Cisco has issued a security advisory for a critical vulnerability in its IOS XE Software for Wireless LAN Controllers (WLCs)....
Read More
Critical (CVSS 10) Flaw in Cisco IOS XE WLCs Allows RRA

CVE-2025-29824
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day

Attackers linked to the Play ransomware operation deployed a zero-day privilege escalation exploit during an attempted attack against an organization...
Read More
CVE-2025-29824  Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day

Hacker exploited Samsung MagicINFO 9 Server RCE flaw

Hackers are exploiting an unauthenticated remote code execution vulnerability in the Samsung MagicINFO 9 Server to take control of devices...
Read More
Hacker exploited Samsung MagicINFO 9 Server RCE flaw

CISA adds Langflow flaw to its KEV catalog

CISA added the Langflow vulnerability, CVE-2025-3248 (CVSS score 9.8), to its Known Exploited Vulnerabilities catalog. Langflow is a popular tool...
Read More
CISA adds Langflow flaw to its KEV catalog

Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers

Google has released its monthly Android security updates, addressing 46 vulnerabilities, including one that has been actively exploited. CVE-2025-27363 (CVSS...
Read More
Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers

A report found that someone, using the name ‘X’ on Twitter, exposed a data breach. This person advertised the stolen database on a dark web forum. The database contains records of 81.5 million Indian citizens, including sensitive information like Aadhaar and passport details, names, phone numbers, and addresses. The person who exposed the breach claimed that the data was taken from Covid-19 test records of Indian citizens and came from ICMR.

ICMR has faced many cyber-attacks since February. Over 6,000 incidents were reported last year. Central agencies and the council were aware of these threats. They urged ICMR to take corrective measures to prevent data breaches.

A query, calls and messages sent to ICMR DG on Saturday remained unanswered and his response is awaited.

           From tweeter post of Ritesh Bhatia

It has been learnt that CERT-In has informed ICMR about the breach and the verification of sample data, which is on sale, matches with the actual data of ICMR after which all agencies were ropes in.

Officials from various agencies and ministries are working together to address the serious situation. A top-tier agency is conducting a thorough investigation to determine if foreign actors are responsible. Actions have already been taken to fix the issue and procedures have been implemented to reduce the damage.

The report stated that the source of the leak has not yet been found. Covid-19 test data is shared among the National Informatics Centre (NIC), ICMR, and the Ministry of Health.

According to the American cybersecurity and intelligence agency Resecurity, a hacker called ‘pwn0001′ posted on Breach Forums on October 9, offering access to 815 million records of Indian citizens’ Aadhaar and Passport details. This is significant considering India’s total population is over 1.486 billion people.

News18 reported that Pwn0001 shared spreadsheets containing four significant leak samples, including parts of Aadhaar data. Resecurity stated that one of these leaked samples contained 100,000 records of Personally Identifiable Information (PII) related to Indian residents. The leaked sample confirmed the validity of Aadhaar Card IDs through a government portal’s “Verify Aadhaar” feature. Instances of India’s health system being a target for hackers have been observed previously.

“Media disclaimer: This report is based on research from various sources. It’s important to note that the information provided here is for reference only. Users are responsible for their reliance on this information. Infosecbulletin does not guarantee its accuracy and is not liable for any consequences that may arise from using it.

Check Also

€530 million

TikTok fined €530 million for sending E.U. Data to China

Ireland’s Data Protection Commission fined TikTok €530 million ($601 million) on Friday for violating data …

Leave a Reply

Your email address will not be published. Required fields are marked *