Technisanct, cybersecurity, and big data startup headquartered in Bangalore report a data breach of over 4.5 million citizens from the Public Distribution System (PDS) of the state of Tamil Nadu. Major details including Personal Identifiable Information (PII) and Aadhaar number of citizens have been kept for sale in a data-sharing platform.
A link including from a file-sharing platform leaking 5.2 million user data which includes 49,19,668 Aadhaar numbers were uploaded on a popular hacker forum on June 28th by a vendor known to have shared leaked databases in the past. The data of users of Tamil Nadu’s PDS included multiple parameters including the beneficiary member id, Aadhaar number, names of beneficiaries as well as that of their family members, addresses, mobile numbers, relationships, and more.
It was also identified that tnpds.gov.in was a victim of a cyber-attack and was hacked by a cybercriminal group that goes by the name 1945VN. Over 68 million beneficiaries and 67 million Aadhaar are linked to this particular portal. There is a possibility that the identified breach is only a part of the information published by the vendor.
The data breach was reported to the Computer Emergency Response Team (CERT) by Technisanct. “Our team is further assessing the depth of the breach with special emphasis on the number of Aadhaar records publicly exposed as it is crucial to protect the citizens from being a victim of fraud”, says Nandakishore Harikumar, Founder & CEO of Technisanct.