Aadhaar, UPI Handles of 70 Lakh Indians Leaked Online During BHIM Data Transfer By Govt Associates
A shocking news has revealed that personal data of about seven million Indian users is available on a public domain for everyone to see after it had been breached.
An Israeli cybersecurity firm has revealed that data of thousands of users was breached while they were being onboarded on the BHIM app.
To find out all the details about this data breach due to the BHIM app, read on.
Data Breach Revealed; Data Of Seven Million Indian Users Available On Public Domain
Israeli cybersecurity firm vpnMentor has revealed that there has been a data breach leading to the data of about seven million Indian users. As per reports, this happened while the data of the millions of users was being uploaded on the BHIM app by the common service centers (CSC) of e-Governance Services.
This data breach was reported to India’s cybersecurity agency, the Computer Emergency Response Team (CERT-In) by the members of vpnMentor’s research team. The breach includes personal data including images of the users’ Aadhaar cards and UPI identifiers onboarded by CSC e-Governance associates. Additionally, along with the VPA, static pages of the portal, PDF files, e-text, pictures, and awareness videos were also made public.
Apparently, the data was available until last week.
The CSC e-Governance Service revealed that even data points, such as a merchant’s virtual payment address (VPA) were kept public for more transparency in the system. But the project didnt ask for Aadhar data of the merchants, and therefore there is no possibility of personal identifiers like Aadhar details being made public. Also, the CSC said that data was hosted on Indian servers located within the country.
Multiple Instances In Cybersecurity Breaches Reported
There have been multiple instances of cybersecurity issues caused due to an increasing number of cyber threats and data breaches. Another cybersecurity firm, Cyble, reported that a hacker had posted personal information of about 2.9 crore Indians seeking jobs on a hacking forum, Dark Web.
The report by Cyble also states, “Our researchers have identified a reputable seller, who is selling 47.5 Million Indians Truecaller records for $1000. The data is from 2019.”
An another report also shows that data of about 4 crore Indian users caller ID app, Truecaller, was put up on sale on the dark web.