Latest News

500 GB Data of Indian Police, Military, Teachers, Railways Leaked Online


➡️ Click here to join our Whatsapp Group

A massive data leak has occurred in India, exposing sensitive biometric data of Indian citizens during a time when the nation is participating in general elections. The leak raises concerns about the state of cybersecurity in India, especially considering previous reports of cyber attacks and data leaks targeting elections.

The data leak was discovered by cybersecurity researcher Jeremiah Fowler, who found a misconfigured non-password-protected database containing over 1.6 million documents. Fowler reported the discovery to Website Planet.

The exposed files, totaling 496.4 GB and consisting of approximately 1,661,159 files, contained highly sensitive biometric details such as facial scan images, fingerprints, signatures, and identifying marks of various individuals, including police officers, military personnel, teachers, and railway workers.

In addition to biometric data, the leaked database also contained other crucial information, including birth certificates, images, email addresses, employment applications, diplomas, certifications, and other education-related files.

Database Contents and Source

The leaked database contained records from 2021 to 2024. Among the documents, there were approximately 284,535 files categorized as Physical Efficiency Tests (PET) for police and law enforcement officers. These files included signature images, PDF documents, mobile applications, and installation data, some of which were stored in compressed .zip format.

One specific folder within the database, titled “Facial Software Installation,” contained images and documents captured and transmitted through an application. The folder also contained plain text login and password information for the internal database. The records in the database belonged to two separate India-based firms, ThoughtGreen Technologies and Timing Technologies. However, it is unclear which firm owned the server.

Access and Potential Unauthorized Activity

Public access to the leaked database was restricted on the same day it was discovered. However, the duration of the database’s exposure and whether any unauthorized access to the biometric records occurred remain unknown. An internal forensic audit is necessary to determine if any suspicious activity took place and whether the records were accessed by anyone else.

According to cybersecurity researcher Jeremiah Fowler, there are concerns that the leaked data may already be up for sale on a Telegram group, potentially putting millions of individuals at risk of various threats.

Implications of the Data Leak

The exposure of biometric data, such as fingerprints and facial scans, raises significant concerns about the potential misuse of this information. Biometric data is unique to individuals and can be used for malicious purposes, including impersonation and identity theft. This incident highlights the ethical and regulatory challenges surrounding the collection, use, and storage of biometric data.

It is worth noting that India passed a law in 2022 that extended police powers to collect biometric data from convicted, arrested, or detained individuals.

Call for Stronger Data Security Practices and Clear Regulations

This data leak serves as a wake-up call for both governments and private firms, emphasizing the need for stronger data security practices and clear regulations to protect the privacy and security of citizens. The incident highlights the vulnerability of biometric data and the potential risks associated with its collection and storage.

In conclusion, the recent data leak in India involving the exposure of biometric data raises concerns about the state of cybersecurity and the protection of sensitive information. The leaked database contained a vast amount of personal and biometric data, highlighting the need for stronger data security measures and clear regulations to safeguard the privacy and security of individuals.

Leave a Reply

Your email address will not be published. Required fields are marked *