In a staggering 1.8-terabyte data leak, Aadhaar card, Voter ID, passport, and driving license records of Indians have been stolen by threat actors, and about 81.5 crore (815 million) Aadhaar cards have surfaced on the dark web for a mere $80,000.
Cybersecurity researchers from Resecurity’s HUNTER (HUMINT) unit uncovered the breach. On October 9th, a threat actor using the alias ‘pwn001’ advertised access to 815 million Aadhaar and passport records on Breach Forums. The records include a vast array of PII fields, such as names, phone numbers, passports, and Aadhaar IDs, the exposure of which can have catastrophic implications for those affected.
Pwn001 remained tight-lipped about the data’s source, leaving the cause of the breach largely speculative. To compound the situation, pwn001 provided samples of the leak, corroborating the authenticity of Aadhaar credentials through a government portal.
Researchers also found records with the ‘PREPAID’ signature, which points to these records having been stolen from telecommunication carriers. The carriers collect the personal information of their customers in a know-your-customer (KYC) process before allocating them SIM cards.
Another threat actor, ‘Lucius’, added to the chaos by posting a 1.8 TB data leak containing not only Aadhaar IDs but also voter cards and driving licenses.
The motive behind this act remains unclear, but it underscores the depth of the problem, with even more comprehensive PII data now in the hands of cybercriminals.
This mass leakage of Indian PII data on the dark web raises a significant risk of digital identity theft. Cybercriminals can exploit this stolen information for a range of financially motivated scams, including online banking theft and e-tax refund fraud.
As per Resecurity, India’s emergence as a top-five geography for cyberattacks is not coincidental. With an expanding middle class and rapid technological development, India is an increasingly attractive target for cybercriminals. Furthermore, geopolitical tensions with neighbouring nations, particularly Pakistan and China, and deepening relationships with the United States have elevated India’s risk profile.
Compounding the problem is the ongoing conflict in the Middle East, where activists exploit the chaos to launch online assaults, further aggravating the situation.
Aadhaar, a unique 12-digit identification number issued by the Unique Identification Authority of India (UIDAI) on behalf of the Indian government, serves as a pivotal tool in the country’s digital landscape. But since its inception, Aadhaar has been under public scrutiny on charges of privacy invasion.
In May 2023, the Ministry of Electronics and Information Technology (MeitY) issued a draft notification allowing certain private entities to use Aadhaar authentication for their services. Karnataka’s drive for Aadhaar linkage also raised privacy concerns earlier this year.