In October 2023, a cybersecurity firm called Resecurity reported that the personal data of over 81.5 crore Indian citizens, including their Aadhaar and passport details, were on sale on the dark web. This is believed to be one of the biggest data breaches in Indian history.
The data is reportedly from the Indian Council of Medical Research (ICMR), a government agency responsible for coordinating medical research in India. The ICMR has denied that its database has been hacked, but it has not explained how the data was leaked.
The leaked data includes names, phone numbers, addresses, Aadhaar numbers, and passport numbers. This information could be used by criminals for a variety of purposes, such as identity theft, fraud, and stalking.
The Aadhaar leak is a major concern because Aadhaar is a unique identification number that is used by Indians for a variety of purposes, including accessing government services and banking. If a criminal has someone's Aadhaar number, they could potentially use it to impersonate that person and gain access to their accounts and services.
The Indian government has said that it is investigating the Aadhaar leak. However, it is not clear when or if the investigation will be completed. In the meantime, there are a few things that Indians can do to protect themselves from identity theft and fraud:
- Be careful about what information you share online.
- Use strong passwords and enable two-factor authentication for all of your online accounts.
- Monitor your credit report and bank statements for any suspicious activity.
- If you think your Aadhaar number has been compromised, report it to the UIDAI immediately.
The Aadhaar leak is a reminder of the importance of cybersecurity. Indians should be careful about what information they share online and take steps to protect their personal data.
What is the government doing to prevent future data leaks?
The Indian government has taken a number of steps to prevent future data leaks, including:
- Enacting the Personal Data Protection Bill, which would regulate the collection and use of personal data by businesses.
- Establishing the National Cyber Security Authority (NCSA), which is responsible for coordinating cybersecurity efforts in India.
- Launching the Cyber Swachhta Kendra (CSK), which provides free anti-malware software and security awareness programs to Indians.
However, more needs to be done to improve cybersecurity in India. The government and businesses need to invest in cybersecurity measures and educate Indians about the importance of protecting their personal data.