New Delhi, Jun 3: Over 1 lakh scanned copies of Indians' national IDs, including Aadhaar, PAN card and passport, have been put on dark web for sale, cyber intelligence firm Cyble said on Wednesday.
The leaked data seems to have originated from a third party and not from the government system, according to a report by Cyble.
"We came across a non-reputed actor who is currently selling over 1 lakh Indian National IDs on the dark net. With such a low reputation, ideally, we would have skipped this; however, the samples shared by the actor intrigued our interest -- and also the volume. The actor is alleged to have access to over 1 lakh IDs from different places in India," Cyble said.
The personal data leaked by cyber criminals leads to various nefarious activities such as identity thefts, scams, and corporate espionage. Many criminals use the personal details in the IDs to win trust of the people over a phone call for fraudulent activities.
Cyber criminals leak personal data of 2.9 cr job-seeking Indians on dark web for free
The Cyble researchers acquired around 1,000 IDs from the seller and confirmed that the scanned IDs belong to Indians.
"Preliminary analysis suggests that the data originated from a third party, and no indication or artefact is indicating that it came from a government system. At this point, Cyble researchers are still investigating this further -- we are hoping to share an update soon," Cyble said.
The scanned ID documents indicate that the data may have been leaked from a company's data base in the segment where they have to comply with 'Know Your Customer' (KYC) norms.
"Cyble researchers have also learned about a surge in KYC and banking scams -- leaks such as this are often used by scammers to target individuals, especially elderlies," Cyble said.
The cyber intelligence firm has recommended people to refrain from sharing personal information especially financial information over phone, e-mail or SMS.
"Regularly monitor your financial transaction, if you notice any suspicious transaction, contact your bank immediately," the company said.
In May, Cyble showed two instances where personal data of 7.65 crore Indians have been put on sale in the dark web. In one instance, the seller claimed to have sourced data of 4.75 crore Indians from online directory Truecaller and in other, the seller claimed to have sourced from job websites.
Truecaller, however, had denied the claim of breach in its database.
Comments
What about Reddy brothers and Yediyurappa? Don't IT dept know of their illegal wealth?
IT raid doesnt mean jack if you have contacts in ruling party. Shah the criminal can use these raid as bargaining chips with SM krishna
Modi doesn't make a difference between ruling party or opposition.
He will go after any scamster...well done.
If you send a suitcase to amitshah nothing will happen to you either.
Shah is collecting the money
SMK the turn coat, is a spent force for congress & Jumla party as well. He cant do any damage to Congis. Just to have another feather in the cap of Feku, this raid is conducted. There r Sharks in Feku's own party who r free like Adani, Sushil Modi, Vijaivarghia, Ajay Devgun, Ashok Pandit etc. Nothing will happen to them.
Why no raid on Reddy brother?
The corrupt must be caught, must need to take strict action.
Add new comment