DARK WEB : 2.9 CRORE INDIAN JOB SEEKER’S DATA LEAKED – ADVISORY BY MAHARASHTRA CYBER CELL
DARK WEB: 2.9 CRORE INDIAN JOB SEEKER’S DATA LEAKED – ADVISORY BY “MAHARASHTRA CYBER CELL“
– By MEGHA MALHOTRA
As an alarming disclosure, cybersecurity analysts guaranteed that a hacker has posted personal details of nearly 2.9 crore Indian job seekers at one of the hacking forum discussions on the Dark Web for free.
As a major aspect of the regular sweep over the Deep Web and Dark Web, analysts from cybersecurity firm “Cyble” came across an interesting and fascinating thing, where a threat entertainer posted 2.3GB (zipped) file on one of the hacking forums. According to The latest blog post by Cyble on Friday “The leak basically encompassed a lot of personal details of millions of Indians Job seekers from different states.”
This breach includes delicate data such as email, phone, home address, qualification and work experience etc from job seekers spanning across states, from New Delhi to Mumbai and Bengaluru.
Cybercriminals are consistently on the lookout for such personal information to conduct various nefarious activities like identity thefts, scams, and corporate espionage. Cyble indexed this data at ‘AmIbreached.com : Cyble’s data breach monitoring and notification platform.
“Cyble researchers have recognised a sensitive data breach on the darkweb where an actor has leaked and disclosed the personal details of nearly 29 million Indian job seekers from various states. “Cyble’s team is still investigating this further and will be updating their article as they bring more facts to the surface,’ it said in a statement. Cyble said it has acquired the leaked data. The same cyber security firm earlier exposed that Bengaluru-based edtech firm Unacademy was hacked.
According to Cyble analysts, nearly 22 million Unacademy user accounts were influenced and the data was dumped and sold on Dark Web. ‘We would like to assure our users that no sensitive information such as financial data or location has been breached,” said Hemesh Singh, Co- Founder and CTO, Unacademy, in a statement.
In April, hackers sold personal data of a whopping 267 million Facebook users for just Rs 41,500 (approximately 500 Euros) that includes email addresses, names, Facebook IDs, dates of birth and phone numbers
Tips to stay safe
• Update Regularly : Use auto-updates to get the latest patches for apps, software and operating systems.
• Passwords : Using the same password on a whole raft of logins is a rookie mistake. Once hackers get one password, they’ll try it on everything else they can connect you to.
• Download from authorised sources : Whether you ‘side-load’ apps (self-install them) or go for open source software, make sure you get them from trusted sites. Check for any bundled bits (‘spyware‘ or ‘adware’) and remove them – toolbars and add-ons that change your default search engines are the biggest culprits.
• “Administrator’ shouldn’t be your default setting : Don’t log in as admin on your computer for day-to-day use (except when you have to, like if you’re installing stuff). If you download something dodgy or have already been compromised, hackers can track, install and change pretty much whatever they like.
• Turn off when you’re done : That includes logging out of sites when you’ve had your fill of memes, switching off the computer when you leave the house, or disconnecting the WiFi when you’re not using it.
• Encrypt to keep your stuff unreadable : Encryption doesn’t stop files, emails or details you submit through a website being intercepted – it ‘scrambles’ the content so they can’t be read by unauthorised users. One of the most common forms of encryption you can make use of is to check for the little padlock symbol next to the URL (or that the address starts with https, not just http) when you’re logging in or providing payment details. Most sites use this nowadays anyway, but it’s always worth checking.
• Get yourself decent anti-virus firewall software and turn it on : Some insurance companies and banks only cover fraud and theft if you can prove you had security in place.
• Back-up important data on an external hard drive or USB stick. If there’s something that you’d be gutted to lose, keep copies.
• Be picky about which companies you share your personal info with : your data’s only as secure as they are.
• Be very suspicious of emails or messages asking for login or account info, and check that any links are legit (i.e. not hsbo-bank.co.uk) and secure (https not http). This is known as phishing and is one of the easiest ways for passwords to be nicked.
• Log in to your accounts only from your own gadgets : If you do have to use a public or shared device, make sure you log out afterwards.
15 thoughts on “DARK WEB : 2.9 CRORE INDIAN JOB SEEKER’S DATA LEAKED – ADVISORY BY MAHARASHTRA CYBER CELL”
A very alarming incident and another reminder of why we should be very careful while connecting to the network and sharing our information . It also highlighted the fact that how vulnerable we all are in our day to day lives and might have to pay even if it’s not our fault in any way. A very informative article indeed.
Thankyou so much @Abhishake Banerjee
This article provides the best practices to avoid a data breach in workplace and also gives information on how to manage data breaches.
Thankyou @ shrishti
This article is well written about the cyber crimes that are on the workplace where the data’s are being breached also this article helps one to stay safe from the data breach by updating regularly ,changing passwords frequently,downloading from authorised resource ..etc
Thankyou so much @Pravin Kumar R
Well detailed information about the data breach. Our nation is not ready for such things as darkweb is a swarm of dangerous and notorious hackers and syndicates then we think. A single place where anything and everything is on sale even the precious data of a real person. There is no probability as from where it came and how it was posted there but one thing is for sure if this matter is not taken seriously a bigger threat will be there shortly after this.
Thankyou for appreciating the efforts @ Sarthak Pathroliya
Although one should keep a data backup in a hard drive or a USB, yet it should be well encrypted and password protected so that even if the drive lands in wrong hands, the data isn’t accessed by the culprit to be.
Beware and Great Article
Mam you are providing lots of informative, effective and can understood with ease.Thank you very much Mam for all those articles written by you.
In my opinion the article could have been a way lot better and information provided was insufficient for this topic.
An alarming articles for data breach and data selling. I really appreciate the content and facts. thanks for reminding us again that we need to maintain our privacy on internet very carefully.
An article which shows that the government agencies have to be more efficient in tackling situation by upgrading themselves and the people working in Cyber cell.
It also suggests that common people also have to be alert.