Soumya Prakash Pradhan

In India, during the COVID-19 pandemic, many people registered on the CoWIN platform for vaccination. Unfortunately, their personal information, such as mobile numbers and Aadhaar card details, was leaked on the internet.

According to a report by News18, sensitive data belonging to 81.5 crore Indians has surfaced on the dark web, potentially marking the largest data breach in India's history.

This data was originally collected by the Indian Council of Medical Research (ICMR) during COVID-19 testing, but the source of the leak is still unknown.

The Central Bureau of Investigation (CBI) is currently investigating this breach after it was brought to their attention by a hacker who goes by the name 'pwn0001’, as per the report.

The stolen information includes Aadhaar and passport details, as well as names, phone numbers, and both temporary and permanent addresses of millions of Indians.

The hacker claims that this data originates from the information gathered by ICMR during COVID-19 testing.

A user named Shivam Kumar Singh on the X platform shared a screenshot of the leaked data, describing it as "⚠️ India's Biggest Data Breach" and mentioning that the Indian government is looking into the matter.

The initial discovery of this data breach was made by Resecurity, an American agency specialising in cybersecurity and intelligence.

On October 9, 'pwn0001' disclosed details about the breach on Breach Forums, advertising the availability of 815 million records, including "Indian Citizen Aadhaar & Passport" data, as reported.

As of now, there has been no response to the leak from the Ministry of Information and Technology. For more information, you can read the News18 report here.