A new data leakage incident has surfaced online that seemingly threatens the security of one nation. As reported, an unsecured database has exposed more than 275 million records of Indian citizens. Although the actual count of unique records might be lower than speculated, the incident still matters because the database included explicit personally identifiable information (PII).
Massive Records Of Indian Citizens Data Exposed
The security researcher Bob Diachenko, who has recently reported back-to-back incidents of open databases exposing huge numbers of records, has made another similar discovery. According to his findings, he encountered a leaky database exposing a massive set of records on Indian citizens. The unsecured database allegedly contained more than 275 million records containing PII.
As reported in his article, the unsecured MongoDB database contained exactly 275,265,298 records. The information leaked through the database included names, gender, birth dates, and contact numbers. The presence of other details such as education, professional skills, area of expertise, employment history, present employer and present salary suggested that the data had been scraped from resumes. Diachenko also shared this speculation, considering the organization of the database.
The structure and names of the collections in the database hinted that data was likely collected by an anonymous person or organization as part of a massive scraping operation.
However, he could not establish any links to the owner of the database. As stated in his blog post,
There was no indication in the database about the owner of data or affiliation tags. MongoDB itself was hosted on Amazon AWS infrastructure, and reverse DNS also showed no results.
Database Hijacked By ‘Unistellar’
As elaborated by the researcher, the Shodan results showed the first indexation date of the database as April 23, 2019. Upon finding this database on May 1, 2019, Diachenko immediately reported it to the Indian CERT team. However, it remained unsecured and eventually fell into the hands of a hacking group, ‘Unistellar’. Diachenko could see the data wiped out and replaced by a message containing their email address.
The actual owner of the database still remains unidentified. However, as disclosed in the researcher’s recent tweet, the database somehow relates to the Indian database ‘Data Service’.
Update re Indian database. This service https://t.co/gFDzdUwfAT has the same schema and Resume IDs in their samples (google-able). pic.twitter.com/tVLvNQwTQS
— Bob Diachenko (@MayhemDayOne) May 10, 2019
For now, no further information is available on the matter. We shall keep you updated as we hear more.