Researchers discovered a dump containing 29.1M Indian jobseekers personal details that was offered for free in the hacking underground.
An anonymous entity told Cyble researchers that the data were stored on an unprotected elastic search instance that is no longer accessible.
While Cyble was investigating the issue, a threat actor published more than 2,000 Indian Identity cards (Aadhaar cards) on one hacking forum, files appears to have originated from 2019.
Then the threat actor leaked 1.8M identity cards belonging to citizens of the Madhya Pradesh state on their forum.
“Cyble has indexed this information on their data breach monitoring and notification platform, Amibreached.com. People who are concerned about their information leakage, can ascertain the risks by registering to the platform.” reads the post published by Cyble.
Cyble researchers also discovered that a threat actor posted 2.3 GB (zipped) file on one of the hacking forums.
This time the leak contains a lot of personal details of millions of Indians Job seekers from different states. At the time of writing this article, the experts are still investigating the source of the leak.
“It appears to have originated from a resume aggregator given the sheer volume and detailed information.” state the experts.
“Cyble researchers have identified a sensitive data breach on the darkweb where an actor has leaked personal details of ~29 Million Indian Job Seekers from the various states. The original leak appears to be from a resume aggregator service collecting data from various known job portals. Cyble’s team is still investigating this further and will be updating their article as they bring more facts to the surface. This breach includes sensitive information such as email, phone, home address, qualification, work experience etc.”
Crooks could use personal information exposed in both data leaks to conduct various malicious activities, including identity thefts, scams, and corporate espionage.
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – Indians data leaks, hacking)
[adrotate banner=”5″]
[adrotate banner=”13″]
Threat actors are exploiting the CVE-2023-22518 flaw in Atlassian servers to deploy a Linux variant of…
Ivanti addressed two critical vulnerabilities in its Avalanche mobile device management (MDM) solution, that can…
Researchers released an exploit code for the actively exploited vulnerability CVE-2024-3400 in Palo Alto Networks'…
Cisco Talos warns of large-scale brute-force attacks against a variety of targets, including VPN services,…
The PuTTY Secure Shell (SSH) and Telnet client are impacted by a critical vulnerability that could…
Researchers warn of a renewed cyber espionage campaign targeting users in South Asia with the…
This website uses cookies.