Generic filters
Exact matches only
Search in title
Search in content
Filter by Custom Post Type
Filter by Categories

Massive PII Breach Hits India

Executive Summary

The substantial leakage of Personally Identifiable Information (PII), including Aadhaar, belonging to Indian residents on the Dark Web has been unveiled by Resecurity’s HUNTER unit in October.

This data breach underscores a significant security risk, with the data being marketed on cybercriminal platforms. The incident follows recent skepticism regarding the Aadhaar system’s security, propelling discussions on digital identity protection and third-party data management in India.

What Happened

In early October, Resecurity’s HUNTER unit discovered hundreds of millions of PII records of Indian residents, including Aadhaar information, being offered for sale on the Dark Web.

According to the report by Resecurity, a significant amount of the data appears to have been exfiltrated through breaches of third-party systems. These third-party systems are often targeted by cybercriminals due to the vast amounts of PII data they collect and store. Financial institutions, lending companies, and mobile carriers are some of the prime targets for such attacks.

This breach was publicised on cybercriminal forums by threat actors pwn0001 and Lucius. Pwn0001 claimed possession of a database containing 815 million Indian resident Aadhaar and passport records. On the other hand, Lucius advertised a 1.8 terabyte data leak from an undisclosed “India internal law enforcement organization.”

Significance of the Data Stolen

The stolen data primarily encompasses Aadhaar, a unique 12-digit identification number issued to Indian residents. The Aadhaar system, with roughly 1.4 billion IDs issued since 2009, facilitates various essential services like electronic payments, online e-KYC verification, and voter ID linkage, making it a critical part of India’s digital infrastructure.

The leak’s magnitude, involving potentially over 815 million records, poses a significant threat to digital identity security in India, making it a vital issue of national concern. The data, being a gateway to a multitude of services, if misused, could lead to widespread financial fraud and identity theft, undermining the digital trust that the Indian government has been fostering over the years.

  • Third-party Management Importance: The breach underscores the critical importance of robust third-party management to ensure data security. The likely breach from third-party sources, such as financial institutions or mobile carriers, illuminates the necessity for stringent data management policies and practices to prevent such massive data exfiltration.
  • Cybersecurity Stance: The incident prompts a re-evaluation of cybersecurity measures. This includes preventive actions, monitoring, and incident response within the Aadhaar ecosystem. It calls for enhanced security protocols to safeguard sensitive data, especially when the nation ranks high in global cyber-attack geographies.
  • Public Awareness and Action: The proactive steps taken by Resecurity in acquiring the leaked dataset and notifying the victims are commendable. It hints at the necessity for active public-private partnerships in combating cyber threats and ensuring digital identity protection in India.
  • Policy and Regulatory Implications: Given the scale of the breach and the centrality of Aadhaar in Indians’ digital lives, it is imperative to revisit and possibly reinforce the regulatory framework governing data protection and digital identity in India.



Cubic Lighthouse is a cybersecurity publication dedicated to demystifying security, making news actionable, providing deeper thinking about the fundamentals of security, and providing decision-makers and the community at large with the right information to make the right decisions. We will also feature more technical articles and provide personal/family security advice.

©2024 Cubic Consulting, a Smart Security Company for your Business – All Rights Reserved.

Update Required Flash plugin