Technisanct, a cyber security and big data startup headquartered in Bangalore, reports data breach of over 4.5 million citizens from the Public Distribution System (PDS) of the state of Tamil Nadu. Major details including Personal Identifiable Information (PII) and Aadhaar number of citizens have been kept for sale in a data sharing platform.
A link including from a file sharing platform leaking 5.2 million user data which includes 49,19,668 Aadhaar numbers was uploaded on a popular hacker forum on June 28th by a vendor known to have shared leaked databases in the past. The data of users of Tamil Nadu’s PDS included multiple parameters including the beneficiary member id, Aadhaar number, names of beneficiaries as well as that of their family members, addresses, mobile numbers, relationships and more.
It was also identified that tnpds.gov.in was a victim of a cyber attack and was hacked by a cyber criminal group who goes by the name 1945VN. Over 68 million beneficiaries and 67 million Aadhaar are linked to this particular portal. There is a possibility that the identified breach is only a part of information published by the vendor.
The data breach was reported to the Computer Emergency Response Team (CERT) by Technisanct. “Our team is further assessing the depth of breach with special emphasis on the number of Aadhaar records publicly exposed as it is crucial to protect the citizens from being a victim of fraud,” says Nandakishore Harikumar, Founder and CEO, Technisanct.
