Yet another batch of fresh data has appeared on a Russian-speaking forum, and this one appears to be the product of cyber-attacks launched against Indian entities. The pack offered for purchase contains 137 ZIP files totaling 103GB of data, while the entries that populate the archives are dated between 2016 and 2020.
The pack’s discovery comes from Cyble, which constantly scans the dark alleys of the web for data leaks and informs the compromised firms before the damage gets out of hand.
The data contained in the leak is quite sensitive, as the folder names used to categorize it indicate.
There are also credit cardholder details, email addresses, dates of birth, phone numbers, cities, states, genders, home addresses, and more.
Cyble’s researchers cannot yet determine with certainty where that data came from, but it appears to have been taken out of marketing databases. There’s also a possibility that the poster has added previously leaked data to the mix to make his/her offering more alluring.
Moreover, there’s some data overlap with another database shared on GitHub, possibly by a different threat actor, so the dataset may have already been shared among many. This is reflected in the price as well, as the actor is selling the “Credit Card Holder” list for only Rs. 599, which is just a little over 8 USD - that’s three million credit cards for a fraction of 1 cent each.
India is making a commendable effort to curb the rate of data breaches that hit entities based in the country and is currently developing a legal framework and a practical system to achieve this. In 2019 alone, 313,000 cybersecurity incidents were reported to the Indian Computer Emergency Response Team.
Barracuda Networks has previously estimated that about two out of three Indian companies have reported a data breach since the pandemic forced everyone to switch to “work from home” practices.