Headlines
Unmasking data thieves, their motivation and dark marketplace
New Delhi, Nov 12
In recent times, India has witnessed a surge in cybersecurity incidents, leaving citizens and authorities grappling with the question: Who is behind the alarming spate of personal data breaches, and what drives their motivation?
Several high-profile breaches have come to light, exposing the personal information of thousands of individuals. The incidents have targeted a range of sectors, including banking, healthcare, and e-commerce, raising concerns about the vulnerability of sensitive data in the digital age.
On October 15, Resecurity, an American cybersecurity firm, made a troubling revelation: the personally identifiable information (PII) of 815 million Indian citizens, encompassing Aadhaar numbers and passport details, was being peddled on the dark web. In a blog post, the company revealed that threat actors were offering to sell this comprehensive data for $80,000, emphasising that the information on offer was indeed valid.
The alleged source of this data, as claimed by the threat actors involved, was the Indian Council of Medical Research (ICMR). Notably, the ICMR has faced a barrage of cyber attack attempts, with a staggering 6,000 incidents reported in the previous year alone.
Personally Identifiable Information comprises details that, when used either independently or in conjunction with other pertinent data, can pinpoint and identify an individual.
This includes direct identifiers like passport information and quasi-identifiers, which, when combined with additional information, facilitate the successful recognition of an individual. The data for sale on the dark web encompassed Aadhaar numbers – unique 12-digit individual identification numbers issued by the Unique Identification Authority of India (UIDAI) on behalf of the Indian government. The threat actor responsible for selling this data goes by the moniker 'pwn0001'.
These incidents have prompted concerns among the public about the security of their personal information in the digital age. Many are questioning who is behind these breaches and what their motivation might be.
Cybersecurity experts suggest that various actors may be involved, ranging from independent hackers seeking financial gain to sophisticated state-sponsored groups aiming to gather intelligence.
The motives behind these breaches can vary widely. Some hackers are driven by financial incentives, aiming to sell stolen data on the dark web for profit. Others may be motivated by political or ideological reasons, seeking to disrupt and undermine institutions.
"India is facing a multi-faceted challenge when it comes to cybersecurity. We are dealing with a combination of domestic and international threat actors who are constantly evolving their methods to compromise personal data," says Pavan Duggal, senior lawyer and cyber security expert.
"The motivations behind these breaches are diverse and complex. We are observing a blend of financially motivated attacks, state-sponsored espionage, and hacktivism. Understanding the intent is crucial for developing effective countermeasures," says Duggal.
The Indian government has taken note of the escalating threat and is actively working to strengthen the country's cybersecurity infrastructure. The Ministry of Electronics and Information Technology (MeitY) has initiated investigations into the recent breaches and is collaborating with cybersecurity agencies to identify the perpetrators.
"The government is committed to safeguarding the digital landscape of the country. We are investing in state-of-the-art technologies, collaborating with experts, and drafting comprehensive legislation to address the evolving challenges of cyberspace," a MeitY spokesperson had said.
In response to these incidents, experts emphasise the importance of individuals and organisations adopting robust cybersecurity practices. This includes regularly updating passwords, implementing multi-factor authentication, and staying informed about the latest security threats.
As the investigation unfolds, it remains crucial for both the government and private entities to collaborate closely to address the vulnerabilities in India's digital ecosystem and protect citizens from the ever-growing threat of cyber attacks.
1 minute ago
Didi Krishna’s Message to Physicians at AAPI Convention 2026: A Sacred Blueprint for Physicians as Healers
2 minutes ago
Deeply disappointed: 'Melbourne Meets Modi' organisers on 'paid crowd' claims of Rahul, Kharge; seek apology
14 minutes ago
‘This is just the beginning’: Tendulkar hails landmark Lord’s Test as defining moment for women’s cricket
25 minutes ago
Successive reports on presence of foreign operatives in and around India raises serious concern
4 hours ago
India strongly condemns the attack on vessels transiting Strait of Hormuz
6 hours ago
Devi Sri Prasad on S Janaki amma: Words cannot justify the greatness of this legend!
6 hours ago
Boney Kapoor on daughter Anshula's wedding: ‘It's a memory i'll carry forever’
6 hours ago
Mugdha Godse opens up about her small contribution to Marathi film 'Frame'
6 hours ago
S Janaki's granddaughter Apsara Vydyula: Don’t measure my love for my grandmother by the tears you do or do not see!
6 hours ago
Actress Bhavana clarifies that she does not have a Facebook account!
6 hours ago
Ajay Devgn looks back at 20 years of ‘Golmaal’, calls the journey full of unlimited fun
6 hours ago
Krystle D’Souza calls Awakenings 2026 a core memory, says she’s ‘ruined for every other festival now’
6 hours ago
Kerala HC rejects Pulsar Suni's plea to suspend sentence in 2017 actress assault case
