India to audit claims on data leak of 750 million telecom users


Leak affects almost 85 percent of India's population.


India's Department of Telecommunications (DoT) is pushing service operators for a security audit of their systems following claims of a data leak affecting 750 million telecom users.

Cybersecurity firm CloudSEK said in its recent disclosure that it found hackers, the CYBO CREW group affiliates CyboDevil and UNIT8200, advertising a massive Indian Mobile Network Consumer Database for sale on the Dark Web.

These threat actors have been linked to major breaches in the past, targeting multiple organisations in the automobile, jewellery, insurance, and apparel sectors.

According to the threat actor, the dataset allegedly encompasses a staggering 85 percent of the Indian population, making it one of the largest breaches of its kind.

It includes critical information like names, mobile numbers, addresses, and details of Aadhaar cards (India's national identity system).

The data, available for sale, is 600GB compressed and 1.8TB uncompressed, posing significant risks to both individuals and organisations.

The hackers currently demand US$3,000 (S$4,020) for the entire dataset.

The breach came to light on January 23. Upon initial analysis of the sample dataset, CloudSEK researchers found that the leak affected all major telecom providers.

The company said that the leak of Personally Identifiable Information (PII), such as Aadhaar card details, poses a huge risk to both individuals and organisations, potentially leading to financial losses, identity theft, reputation damage, and increased susceptibility to cyberattacks.

CloudSEK's threat intelligence and security researcher, Sparsh Kulshrestha, said the magnitude of this data leak cannot be overstated.

"With the personal information of 750 million individuals exposed, the potential for cyberattacks and identity theft is unprecedented," he added.

Kulshrestha urged telecom service providers and the government to validate the data and identify the loophole.

CloudSEK added that the "exact methods employed by the threat actor to obtain the data remains undisclosed", but also denied their involvement in the breach.

Members of the CYBOCREW group have previously claimed real-time access to Indian phone number KYC (know your customer) details, including government lookup capabilities, in July 2023.

It is also under scrutiny for selling API access to the Indian vehicle database, boasting access to 815 million Aadhaar cards and passport records.

© iTnews Asia