India’s 28 Crore provident fund data leaked by hackers, Ukraine-based researcher claims

Provident Fund (PF) data of about 28 million Indians was leaked by hackers earlier this month. A Ukrainian cybersecurity researcher, Bob Diachenko, made the discovery on August 1 and found that details such as Universal Account Number (UAN), names, marital status, Aadhaar details, gender and details of the bank account were exposed online. According to Diachenko, he found two different Internet Protocol (IP) addresses hosting two groups of leaked data. Both of these IP addresses were hosted on Microsoft’s Azure cloud storage service.

Cybersecurity researcher Bob Diachenko detailed the leak in a Publish on LinkedIn. On August 2, Diachenko discovered two separate clusters of IP data containing clues called UANs. After looking at the clusters, he discovered that the first cluster contained 280,472,941 records, while the second IP contained 8,390,524 records.

“After a quick review of the samples (using just a browser), I was sure I was looking at something big and important,” Diachenko said in his post. However, he was unable to find out who the data belonged to. Both IPs were hosted on Microsoft’s Azure platform and were based in India. He was unable to obtain any further information via a reverse DNS scan.

Search engines Shodan and Censys from Diachenko’s SecurityDiscovery company found these clusters on August 1. However, it is unclear how long the information has been available online. The data could have been misused by hackers to gain access to the PF account. Data like name, gender, Aadhaar details could also be used to create fake identities and fake documents.

The researcher tagged Computer Emergency Response Team India (CERT-In) in a Tweeter inform them of the leak. CERT-In responded to his tweet asking him to provide a report of the hack in an email. Both IP addresses were removed within 12 hours of his tweet. Diachenko says that since August 3, no company or agency has come forward to take responsibility for the hack

Source link

Denial of responsibility! is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – The content will be deleted within 24 hours.

Similar Articles

Most Popular