In the wake of the disclosed ‘MOAB’ data breach, which claimed to expose 26 billion records, a recent incident involving a new database leak has surfaced. This breach involves a significant amount of data, totaling 1.8 terabytes, from an “Indian Mobile Network Consumer Database,” potentially impacting 750 million individuals. The compromised database is currently being offered for sale on the dark web.
The cybersecurity firm CloudSEK brought this incident to light and emphasized the substantial scale of the data leak. Sparsh Kulshrestha from CloudSEK noted, “The magnitude of the data leak cannot be overstated. With the personal information of 750 million individuals exposed, the potential for cyberattack and identity theft is unprecedented. Telecom service providers and the government must validate the data and identify the loophole.” He stressed the critical need for organizations and individuals to prioritize cybersecurity measures in response to such breaches.
The cybersecurity firm identified the massive data breach when an actor known as ‘CyboDevil’ listed the data for sale on a dark web platform. The compromised database contains security-sensitive information, including names, mobile numbers, addresses, and Aadhaar details. Notably, 85% of the affected data pertains to Indian users. The researchers at CloudSEK found that the leak impacts all major telecom providers.
“The data, available for sale, is compressed to 600GB and uncompressed to 1.8TB, posing significant risks to both individuals and organizations. The threat actor has demanded $3,000 for the entire dataset,” stated the researchers. This substantial leak raises concerns about potential financial losses, undue stress on affected individuals, reputational damage, and an increased likelihood of cybersecurity attacks.
The incident highlights the ongoing challenges and risks associated with data security in the digital landscape. As data breaches become more prevalent, organizations and individuals alike are urged to remain vigilant and prioritize robust cybersecurity measures to safeguard sensitive information. The consequences of such breaches extend beyond financial implications, impacting individuals’ privacy, security, and overall trust in digital systems. The need for proactive efforts to identify vulnerabilities and address them promptly is underscored by incidents of this nature, emphasizing the collective responsibility to enhance cybersecurity practices and protect against evolving cyber threats.