Thursday , June 5 2025

Covid-19 Test Info
Massive data breach exposes 81.5 crore Indians’ details

Details of 81.5 crore Indians linked to the Indian Council of Medical Research (ICMR) are reportedly being sold in India’s largest data leak case. The Central Bureau of Investigation (CBI), India’s top investigative agency, is likely to investigate the matter once ICMR files a complaint.

CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed

IBM has issued a security advisory for vulnerabilities in its QRadar Suite Software and Cloud Pak for Security platforms. These...
Read More
CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed

ALERT
Thousands of IP addresses compromised nationwide: CIRT warn

As Bangladesh prepares for the extended Eid-ul-Adha holidays, the BGD e-GOV Computer Incident Response Team (CIRT) has issued an urgent...
Read More
ALERT  Thousands of IP addresses compromised nationwide: CIRT warn

New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries

In March 2025, the Threatfabric mobile Threat Intelligence team identified Crocodilus, a new Android banking Trojan designed for device takeover....
Read More
New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries

Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks

Qualcomm has issued security patches for three zero-day vulnerabilities in the Adreno GPU driver, affecting many chipsets that are being...
Read More
Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks

Critical RCE Flaw Patched in Roundcube Webmail

Roundcube Webmail has fixed a critical security flaw that could enable remote code execution after authentication. Disclosed by security researcher...
Read More
Critical RCE Flaw Patched in Roundcube Webmail

Hacker claim Leak of Deloitte Source Code & GitHub Credentials

A hacker known as "303" claim to breach the company's systems and leaked sensitive internal data on a dark web...
Read More
Hacker claim Leak of Deloitte Source Code & GitHub Credentials

CISA Issued Guidance for SIEM and SOAR Implementation

CISA and ACSC issued new guidance this week on how to procure, implement, and maintain SIEM and SOAR platforms. SIEM...
Read More
CISA Issued Guidance for SIEM and SOAR Implementation

Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora

The Qualys Threat Research Unit (TRU) found two local information-disclosure vulnerabilities in Apport and systemd-coredump. Both issues are race-condition vulnerabilities....
Read More
Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora

Australia enacts mandatory ransomware payment reporting

New ransomware payment reporting rules take effect in Australia yesterday (May 30) for all organisations with an annual turnover of...
Read More
Australia enacts mandatory ransomware payment reporting

Why Govt Demands Foreign CCTV Firms to Submit Source Code?

Global makers of surveillance gear have clashed with Indian regulators in recent weeks over contentious new security rules that require...
Read More
Why Govt Demands Foreign CCTV Firms to Submit Source Code?

A report found that someone, using the name ‘X’ on Twitter, exposed a data breach. This person advertised the stolen database on a dark web forum. The database contains records of 81.5 million Indian citizens, including sensitive information like Aadhaar and passport details, names, phone numbers, and addresses. The person who exposed the breach claimed that the data was taken from Covid-19 test records of Indian citizens and came from ICMR.

ICMR has faced many cyber-attacks since February. Over 6,000 incidents were reported last year. Central agencies and the council were aware of these threats. They urged ICMR to take corrective measures to prevent data breaches.

A query, calls and messages sent to ICMR DG on Saturday remained unanswered and his response is awaited.

           From tweeter post of Ritesh Bhatia

It has been learnt that CERT-In has informed ICMR about the breach and the verification of sample data, which is on sale, matches with the actual data of ICMR after which all agencies were ropes in.

Officials from various agencies and ministries are working together to address the serious situation. A top-tier agency is conducting a thorough investigation to determine if foreign actors are responsible. Actions have already been taken to fix the issue and procedures have been implemented to reduce the damage.

The report stated that the source of the leak has not yet been found. Covid-19 test data is shared among the National Informatics Centre (NIC), ICMR, and the Ministry of Health.

According to the American cybersecurity and intelligence agency Resecurity, a hacker called ‘pwn0001′ posted on Breach Forums on October 9, offering access to 815 million records of Indian citizens’ Aadhaar and Passport details. This is significant considering India’s total population is over 1.486 billion people.

News18 reported that Pwn0001 shared spreadsheets containing four significant leak samples, including parts of Aadhaar data. Resecurity stated that one of these leaked samples contained 100,000 records of Personally Identifiable Information (PII) related to Indian residents. The leaked sample confirmed the validity of Aadhaar Card IDs through a government portal’s “Verify Aadhaar” feature. Instances of India’s health system being a target for hackers have been observed previously.

“Media disclaimer: This report is based on research from various sources. It’s important to note that the information provided here is for reference only. Users are responsible for their reliance on this information. Infosecbulletin does not guarantee its accuracy and is not liable for any consequences that may arise from using it.

Check Also

SIEM and SOAR

CISA Issued Guidance for SIEM and SOAR Implementation

CISA and ACSC issued new guidance this week on how to procure, implement, and maintain …

Leave a Reply

Your email address will not be published. Required fields are marked *