Four People Arrested By Delhi Police In ICMR Data Breach Case; FBI And Pakistan’s CNIC Data Stolen

Four persons were detained by the Delhi Police Cyber Unit for their involvement in the dark web sale of the personal data of Indian nationals. The Indian Council of Medical Research (ICMR) data bank exposed critical data, that the accused had been actively selling on the dark web.

About two months ago, the Aadhar and COVID-19 immunization records of over 80 crore Indians were made available for purchase on the black web. Media reports revealed the significant breach after they discovered that a Telegram group was harvesting people’s Aadhar information.

An FIR was filed by Delhi Police after they got suo motu notice of the data breach earlier this month, according to a senior official quoted in The Indian Express.

The officer said that last week saw the arrest of an Odisha B.Tech graduate, two accomplices who had dropped out of school in Haryana, and one from Jhansi. They were then brought before a Delhi court, which placed them under seven-day police remand.

“During their first interrogation, the accused individuals informed detectives that they had become friends after meeting on a gaming platform around three years before. The officer said, “They then made the decision to make quick money.”

The suspects admitted during interrogation that they had also stolen data from the Federal Bureau of Investigation (FBI) and Pakistan’s version of Aadhaar, the Computerized National Identity Card (CNIC), according to The Indian Express.

In a blog post, Security, a cybersecurity and intelligence agency based in the United States, announced that it had discovered the breach and that 815 million “Indian Citizen Aadhaar & Passport” records were being accessed through a thread posted on Breach Forums on October 9 by a threat actor going by the name “pwn0001.” Early in October, millions of personally identifiable information records—including Aadhaar cards—belonging to Indian citizens were discovered to be up for sale on the Dark Web by Resecurity’s HUNTER (HUMINT) team. Authorities are now conducting a thorough investigation to determine the exact number of impacted persons, but it is worrying that the data is sensitive and legitimate.