Millions of Indian Citizens’ Personal Information for Sale on the Dark Web

The personally identifiable information (PII) of millions of Indians is available for sale on the dark web including the government issued Aadhar cards, claims cybersecurity firm, Resecurity.

The American company in a recent report revealed that during its monitoring of the dark web, Breach Forums, it discovered a threat actor’s post, claiming to have access to important personal data of Indian citizens.

‘’On October 9th, a threat actor going by the alias ‘pwn0001’ posted a thread on Breach Forums brokering access to 815 million “Indian Citizen Aadhaar & Passport” records,’’ the report revealed.

The 90 GB dataset contains a wide range of information, including names, ages, fathers’ names, phone numbers, passport and Aadhar numbers, gender, addresses, and it is being offered for a mere $80,000.

To prove the authenticity of the stolen data, the threat actor also shared spreadsheets containing 100k records with ‘’fragments of Aadhaar data as a proof’’. To verify their claims, Resecurity researchers checked the Aadhar credentials via an Indian government portal that provides a “Verify Aadhaar” feature.

Although it’s unclear when and from where the information was breached, signs point towards the data collected by the Indian Council of Medical Research (ICMR) during the 2020-21 COVID epidemic.

Earlier in August 2023, the firm identified another Beach Forums post claiming to sell 1.8 TB of data stolen from an India law enforcement organization. The database sold by a threat actor, nicknamed Lucius, contained a more extensive array of PII data. It included the driving license and Voter ID records of around 85% of the Indian population.

With the emergence of India as a top five geography for cyberthreats (Trend Micro 2023 Cybersecurity Threat Report), the leak of PII data on the dark web creates risks of digital crimes.

‘’The leak of PII data containing Aadhaar (and other details) of Indian citizens on the Dark Web creates significant risk of digital identity theft. Threat actors leverage stolen identity information to commit online-banking theft, tax refund frauds, and other cyber-enabled financial crimes,’’ the report stated.