What Happened?

A hacker group recently claimed on the dark web to have acquired sensitive personal information of about 150 million people who used the Indian government's "CoWin" portal for vaccination registration. The alleged database is being offered on the dark web for $800 worth of cryptocurrency.

Who are these hackers? What group do they belong to?

The information came from a tweet by the Twitter user DarkTracer (handle @darktracer_int). The group calls itself "Dark Leak Market" and is known for posting many leaked databases on the dark web before. The identities and nationality of its members are hidden, so it is difficult to say whether this was self-motivated crime or state espionage. Notably, the group claims it acquired the database from undisclosed sources and did not hack the platform itself.

Why did the hackers target the CoWin platform? What data was leaked?

If you don't reside in India, you should know that citizens must register on the CoWin platform to receive at least their first dose. From an attacker's perspective it follows that the platform would hold the unique identification documents submitted at registration, which made it a high-value target from the moment it went online, whether the data was taken directly from its servers or, as the group claims, obtained from another source.

The data citizens upload for registration includes:

  • Mobile number.
  • First name.
  • Middle name.
  • Last name.
  • Aadhaar card number [similar to a US Social Security number].
  • Driving license.
  • Election (voter ID) card.
  • PAN card.
  • Other KYC documents, if uploaded.
  • Area pin code.
  • District name.
  • GPS location.

What should the users do? What can a cyber criminal do with these data?

If cyber criminals get their hands on such crucial, unique personal information, they can use it for:

  • Identity theft.
  • Financial theft.
  • Fraud.
  • Scam.
  • Severe criminal activity.
  • Espionage against the state.

Users cannot take the data back, so the practical response is to reduce what it can be used for: treat any call, SMS or email that quotes your name, mobile number or Aadhaar number as untrusted, never share OTPs, watch bank and credit statements for unfamiliar activity, and consider locking Aadhaar biometrics and using a Virtual ID on the UIDAI portal so that the leaked number alone is of less use.

What we can hope is that the claim of the alleged database turns out to be false. If the data is genuine and valid, it harms not only the affected civilians but, in a broader sense, the national security of the country.
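Before believing or dismissing a claim like this, a practitioner would look at whatever sample rows the seller posts as "proof" and ask whether the identifiers even have the right shape. The following is an added example, not code from the original post or from CoWin: it checks Aadhaar numbers against the Verhoeff check digit they carry as their 12th digit (plus UIDAI's rule that issued numbers do not start with 0 or 1), PAN numbers against the 5-letter/4-digit/1-letter layout with 'P' in the fourth position for individuals, and mobile numbers and PIN codes against their basic formats. The sample records are constructed for illustration and belong to no real person.

```python
"""Triage a sample of an alleged leak: do the identifiers have the right shape?
Added example, not from the original post. The records at the bottom are
constructed for illustration and are not real people."""
import re

# Verhoeff tables: multiplication (_D), permutation (_P) and inverse (_INV).
# Aadhaar's 12th digit is a Verhoeff check digit, so a random 12-digit
# string passes the check only about one time in ten.
_D = [
    [0, 1, 2, 3, 4, 5, 6, 7, 8, 9],
    [1, 2, 3, 4, 0, 6, 7, 8, 9, 5],
    [2, 3, 4, 0, 1, 7, 8, 9, 5, 6],
    [3, 4, 0, 1, 2, 8, 9, 5, 6, 7],
    [4, 0, 1, 2, 3, 9, 5, 6, 7, 8],
    [5, 9, 8, 7, 6, 0, 4, 3, 2, 1],
    [6, 5, 9, 8, 7, 1, 0, 4, 3, 2],
    [7, 6, 5, 9, 8, 2, 1, 0, 4, 3],
    [8, 7, 6, 5, 9, 3, 2, 1, 0, 4],
    [9, 8, 7, 6, 5, 4, 3, 2, 1, 0],
]
_P = [
    [0, 1, 2, 3, 4, 5, 6, 7, 8, 9],
    [1, 5, 7, 6, 2, 8, 3, 0, 9, 4],
    [5, 8, 0, 3, 7, 9, 6, 1, 4, 2],
    [8, 9, 1, 6, 0, 4, 3, 5, 2, 7],
    [9, 4, 5, 3, 1, 2, 6, 8, 7, 0],
    [4, 2, 8, 6, 5, 7, 3, 9, 0, 1],
    [2, 7, 9, 3, 8, 0, 6, 4, 1, 5],
    [7, 0, 4, 6, 9, 1, 3, 2, 5, 8],
]
_INV = [0, 4, 3, 2, 1, 5, 6, 7, 8, 9]


def verhoeff_valid(number: str) -> bool:
    """True when the last digit of `number` is its correct Verhoeff check digit."""
    c = 0
    for i, ch in enumerate(reversed(number)):
        c = _D[c][_P[i % 8][int(ch)]]
    return c == 0


def verhoeff_check_digit(base: str) -> int:
    """Check digit to append to `base` so that verhoeff_valid(base + digit) holds."""
    c = 0
    for i, ch in enumerate(reversed(base)):
        c = _D[c][_P[(i + 1) % 8][int(ch)]]
    return _INV[c]


def aadhaar_plausible(value: str) -> bool:
    """12 digits, first digit 2-9 (UIDAI does not issue numbers starting 0 or 1),
    and a valid Verhoeff check digit. Spaces as printed on the card are tolerated."""
    digits = value.replace(" ", "")
    return bool(re.fullmatch(r"[2-9][0-9]{11}", digits)) and verhoeff_valid(digits)


def pan_plausible(value: str) -> bool:
    """PAN layout is 5 letters, 4 digits, 1 letter; for an individual the 4th
    character is 'P'. A vaccination registry should hold individuals' PANs."""
    return bool(re.fullmatch(r"[A-Z]{3}P[A-Z][0-9]{4}[A-Z]", value))


def mobile_plausible(value: str) -> bool:
    """Indian mobile numbers are 10 digits starting with 6-9."""
    return bool(re.fullmatch(r"[6-9][0-9]{9}", value))


def pincode_plausible(value: str) -> bool:
    """Indian PIN codes are 6 digits and do not start with 0."""
    return bool(re.fullmatch(r"[1-9][0-9]{5}", value))


CHECKS = {
    "aadhaar": aadhaar_plausible,
    "pan": pan_plausible,
    "mobile": mobile_plausible,
    "pincode": pincode_plausible,
}


def triage(records):
    """Return {field: (plausible_count, total)} over a sample of leaked rows.
    A dump where most Aadhaar numbers fail the checksum is almost certainly
    fabricated; a dump that passes every check is still not proven genuine."""
    summary = {}
    for field, check in CHECKS.items():
        values = [r[field] for r in records if field in r]
        summary[field] = (sum(1 for v in values if check(v)), len(values))
    return summary


# Constructed sample rows standing in for a seller's "proof" excerpt; not real people.
SAMPLE_RECORDS = [
    {"mobile": "9876543210", "aadhaar": "2345 6789 0124", "pan": "ABCPE1234F", "pincode": "110001"},
    # same row with one Aadhaar digit altered: Verhoeff catches every single-digit error
    {"mobile": "9876543210", "aadhaar": "2345 6789 0125", "pan": "ABCPE1234F", "pincode": "110001"},
    # checksum happens to pass but a leading 1 is never issued; the other fields are junk
    {"mobile": "1234567890", "aadhaar": "1234 5678 9010", "pan": "ABCDE12345", "pincode": "00001"},
]

if __name__ == "__main__":
    for field, (ok, total) in triage(SAMPLE_RECORDS).items():
        print(f"{field:8s} {ok}/{total} well-formed")
```

Run it on the seller's posted excerpt instead of the constructed rows. A low pass rate on the Aadhaar checksum is strong evidence of a fabricated dump, since anyone inventing numbers has to know about Verhoeff to get it right; a high pass rate only tells you the numbers are well-formed, not that they belong to CoWin registrants.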

By Siddhant Pathak

Cyber security architect, 7+ years of experience in the cyber security industry, tech savvy, nature lover, Bullet 350 rider
