Early leads for BJP as counting begins for Uttar Pradesh civic polls

In a startling revelation, cybersecurity researchers have claimed that a hacker has posted personal details of nearly 2.9 crore Indian job seekers at one of the hacking forums on the Dark Web for free.

As part of the regular sweep over the Deep Web and Dark Web, researchers from cybersecurity firm Cyble came across an interesting item, where a threat actor posted 2.3GB (zipped) file on one of the hacking forums.

"The leak actually has a lot of personal details of millions of Indians Job seekers from different states," Cyble said in its blog on Friday.

This breach includes sensitive information such as email, phone, home address, qualification and work experience etc from job seekers spanning across states, from New Delhi to Mumbai and Bengaluru. 

Cybercriminals are always on the lookout for such personal information to conduct various nefarious activities such as identity thefts, scams, and corporate espionage.

"It appears to have originated from a resume aggregator service given the sheer volume and detailed information," it added.

Cyble indexed this information at ‘AmIbreached.com; – Cyble's data breach monitoring and notification platform.

Cyble researchers have identified a sensitive data breach on the dark web where an actor has leaked personal details of nearly 29 million Indian job seekers from various states. 

"Cyble's team is still investigating this further and will be updating their article as they bring more facts to the surface,” it said in a statement.

Cyble said it has acquired the leaked data. 

The same cyber security firm earlier exposed that Bengaluru-based edtech firm Unacademy was hacked.

According to Cyble researchers, nearly 22 million Unacademy user accounts were affected and the data was dumped and sold on Dark Web.

'We would like to assure our users that no sensitive information such as financial data or location has been breached," said Hemesh Singh, Co- Founder and CTO, Unacademy, in a statement.

In April, hackers sold personal data of a whopping 267 million Facebook users for just Rs 41,500 (approximately 500 Euros) that includes email addresses, names, Facebook IDs, dates of birth and phone numbers.

No passwords of the 267 million Facebook users were exposed by the hacker, according to Cyble.

New Delhi, Mar 16: Chief Justice of India Sharad Arvind Bobde on Monday said that rules for preventing overcrowding in the courts to avoid the spread of coronavirus cannot be relaxed for journalists alone on the basis of profession.

"Can't make an exception on the basis of profession," CJI Bobde said while asking journalists to share information and notes and suggesting that a system can be put in place to facilitate daily media briefing by Secretary-General.

Video conferencing facility being contemplated may be brought into place but not sooner than one week from now and reporters may take turns to attend hearings, CJI Bobde said.

He said that the court does not wish to prevent any reportage.

Attorney General KK Venugopal and Solicitor General Tushar Mehta informed the Chief Justice of India about the crowded corridors on account of restricted entry inside courtrooms.

CJI Bobde said that he himself wishes to assess and take stock of the situation and may do so tomorrow at 10.30 am.

This comes after the top court introduced several precautionary measures to prevent the spread of coronavirus and allowed only restricted entry of lawyers, litigants, and journalists in the courtroom.

Thermal-screening of the lawyers, litigants, and media persons were also conducted in the Supreme Court on Monday amid coronavirus fears.

Days after Twitter accounts of several billionaires were hacked to engineer a crypto scam, Twitter on Saturday said it is embarrassed, disappointed and, more than anything, sorry for what happened with some of its high-profile users as attackers successfully manipulated its employees and used their credentials to access internal systems, including getting through the two-factor protections.

In the first detailed summary of the "social engineering attack" via a crypto scam that hit at least 130 users this week, Twitter said for 45 of those accounts, the attackers were able to initiate a password reset, login to the account and send Tweets.

"We are continuing our forensic review of all of the accounts to confirm all actions that may have been taken. In addition, we believe they may have attempted to sell some of the usernames," the micro-blogging platform said in a statement.

For up to eight of the Twitter accounts involved, the attackers took the additional step of downloading the account's information via "Your Twitter Data" tool.

This is a tool that is meant to provide an account owner with a summary of their Twitter account details and activity.

"We are reaching out directly to any account owner where we know this to be true. None of the eight were verified accounts," said Twitter.

The company said the attackers were not able to view previous account passwords, as those are not stored in plain text or available through the tools used in the attack.

"Attackers were able to view personal information including email addresses and phone numbers, which are displayed to some users of our internal support tools," informed Twitter.

In cases where an account was taken over by the attacker, they may have been able to view additional information, Twitter added, saying its forensic investigation of these activities was still ongoing.

"We are actively working on communicating directly with the account-holders that were impacted".

The company said it will soon restore access for all account owners who may still be locked out as a result of the remediation efforts.

The New York Times reported on Friday that the Twitter crypto scam can be traced back to a group of hackers who congregate online at OGusers.com, a username-swapping community where people buy and sell coveted online handles.

The report said that the Twitter hack is not from Russian, Chinese or North Korean hackers but was done by a group of young people, "one of whom says he lives at home with his mother".