Wednesday , June 25 2025

Covid-19 Test Info
Massive data breach exposes 81.5 crore Indians’ details

Details of 81.5 crore Indians linked to the Indian Council of Medical Research (ICMR) are reportedly being sold in India’s largest data leak case. The Central Bureau of Investigation (CBI), India’s top investigative agency, is likely to investigate the matter once ICMR files a complaint.

WhatsApp banned on all US House of Representatives devices

The U.S. House of Representatives has banned congressional staff from using WhatsApp on government devices due to security concerns, as...
Read More
WhatsApp banned on all US House of Representatives devices

Kaspersky found “SparkKitty” Malware on Google Play, Apple App Store

Kaspersky found a new mobile malware dubbed SparkKitty in Google Play and Apple App Store apps, targeting Android and iOS....
Read More
Kaspersky found “SparkKitty” Malware on Google Play, Apple App Store

OWASP AI Testing Guide Launched to Uncover Vulns in AI Systems

OWASP has released its AI Testing Guide, a framework to help organizations find and fix vulnerabilities specific to AI systems....
Read More
OWASP AI Testing Guide Launched to Uncover Vulns in AI Systems

Axentec Launches Bangladesh’s First Locally Hosted Tier-4 Cloud Platform

In a major milestone for the country’s digital infrastructure, Axentec PLC has officially launched Axentec Cloud, Bangladesh’s first Tier-4 cloud...
Read More
Axentec Launches Bangladesh’s First Locally Hosted Tier-4 Cloud Platform

Hackers Bypass Gmail MFA With App-Specific Password Reuse

A hacking group reportedly linked to Russian government has been discovered using a new phishing method that bypasses two-factor authentication...
Read More
Hackers Bypass Gmail MFA With App-Specific Password Reuse

Russia detects first SuperCard malware attacks via NFC

Russian cybersecurity experts discovered the first local data theft attacks using a modified version of legitimate near field communication (NFC)...
Read More
Russia detects first SuperCard malware attacks via NFC

Income Property Investments exposes 170,000+ Individuals record

Cybersecurity researcher Jeremiah Fowler discovered an unsecured database with 170,360 records belonging to a real estate company. It contained personal...
Read More
Income Property Investments exposes 170,000+ Individuals record

ALERT (CVE: 2023-28771)
Zyxel Firewalls Under Attack via CVE-2023-28771 by 244 IPs

GreyNoise found attempts to exploit CVE-2023-28771, a vulnerability in Zyxel's IKE affecting UDP port 500. The attack centers around CVE-2023-28771,...
Read More
ALERT (CVE: 2023-28771)  Zyxel Firewalls Under Attack via CVE-2023-28771 by 244 IPs

CISA Flags Active Exploits in Apple iOS and TP-Link Routers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently included two high-risk vulnerabilities in its Known Exploited Vulnerabilities (KEV)...
Read More
CISA Flags Active Exploits in Apple iOS and TP-Link Routers

10K Records Allegedly from Mac Cloud Provider’s Customers Leaked Online

SafetyDetectives’ Cybersecurity Team discovered a public post on a clear web forum in which a threat actor claimed to have...
Read More
10K Records Allegedly from Mac Cloud Provider’s Customers Leaked Online

A report found that someone, using the name ‘X’ on Twitter, exposed a data breach. This person advertised the stolen database on a dark web forum. The database contains records of 81.5 million Indian citizens, including sensitive information like Aadhaar and passport details, names, phone numbers, and addresses. The person who exposed the breach claimed that the data was taken from Covid-19 test records of Indian citizens and came from ICMR.

ICMR has faced many cyber-attacks since February. Over 6,000 incidents were reported last year. Central agencies and the council were aware of these threats. They urged ICMR to take corrective measures to prevent data breaches.

A query, calls and messages sent to ICMR DG on Saturday remained unanswered and his response is awaited.

           From tweeter post of Ritesh Bhatia

It has been learnt that CERT-In has informed ICMR about the breach and the verification of sample data, which is on sale, matches with the actual data of ICMR after which all agencies were ropes in.

Officials from various agencies and ministries are working together to address the serious situation. A top-tier agency is conducting a thorough investigation to determine if foreign actors are responsible. Actions have already been taken to fix the issue and procedures have been implemented to reduce the damage.

The report stated that the source of the leak has not yet been found. Covid-19 test data is shared among the National Informatics Centre (NIC), ICMR, and the Ministry of Health.

According to the American cybersecurity and intelligence agency Resecurity, a hacker called ‘pwn0001′ posted on Breach Forums on October 9, offering access to 815 million records of Indian citizens’ Aadhaar and Passport details. This is significant considering India’s total population is over 1.486 billion people.

News18 reported that Pwn0001 shared spreadsheets containing four significant leak samples, including parts of Aadhaar data. Resecurity stated that one of these leaked samples contained 100,000 records of Personally Identifiable Information (PII) related to Indian residents. The leaked sample confirmed the validity of Aadhaar Card IDs through a government portal’s “Verify Aadhaar” feature. Instances of India’s health system being a target for hackers have been observed previously.

“Media disclaimer: This report is based on research from various sources. It’s important to note that the information provided here is for reference only. Users are responsible for their reliance on this information. Infosecbulletin does not guarantee its accuracy and is not liable for any consequences that may arise from using it.

Check Also

NFC

Russia detects first SuperCard malware attacks via NFC

Russian cybersecurity experts discovered the first local data theft attacks using a modified version of …

Leave a Reply

Your email address will not be published. Required fields are marked *