Hackers leak Provident Fund data of 28 crore Indians, claims cybersecurity researcher

Hackers leak Provident Fund data of 28 crore Indians, claims cybersecurity researcher

Volodymyr “Bob” Diachenko, a Ukrainian cybersecurity researcher, has made some startling revelations concerning the Indian working class. According to his research, hackers have leaked Provident Fund (PF) data of 28 crore Indians online.

Volodymyr “Bob” Diachenko disclosed hackers exposed details such as Universal Account Number (UAN), names, marital status, Aadhaar, gender, and bank account information on August 1, 2022. The researcher made the claims detailing the breach in a blog post on LinkedIn Pulse.

“On August 2, 2022, an internal report caught my attention. Our systems identified 2 (two) separate IPs with passwordless Elasticsearch clusters containing indices called “UAN.” After a quick review of the samples (using a simple browser), I was sure I was looking at something big and important. UAN stands for Universal Account Number, and this is an important part of the Indian government registry. UAN is allotted by the Employees’ Fund Organization (EPFO). First IP with Elasticsearch cluster contained 280,472,941 records. Second IP contained 8,390,524 records,” Diachenko wrote.

Diachenko also revealed that both the IP addresses were India-based and hosted on the Azure platform, a cloud computing and data storage service by tech giant Microsoft.

“It was not immediately clear who the data owner is. Both IPs were Azure-hosted and India-based. No other information was obtained through reverse DNS analysis as well. Shodan and Censys search engines picked them up on August 1, but it is unknown for how long this information was exposed before search engines indexed them,” he wrote.

According to Free Press Journal, Diachenko is constantly in touch with the Indian authorities related to the matter.

Read – Committed to providing strongest data privacy & security protections: Google

Read – Government says India observed 36.29 lakh cybersecurity incidents in three and a half years

WRITTEN BY

Team Eela

TechEela, the Bedrock of MarTech and Innovation, is a Digital Media Publication Website. We see a lot around us that needs to be told, shared, and experienced, and that is exactly what we offer to you as shots. As we like to say, “Here’s to everything you ever thought you knew. To everything, you never thought you knew” Read more
0

Leave a Reply

Your email address will not be published.