New Delhi | Jagran Technology Desk: Cyble, a cyber-intelligence firm on Wednesday said that over one lakh scanned copies of Indian national’s IDs including Aadhar Card, PAN card and passport, have been put on dark web for sale. They added that the leaked data seems to have originated from a third party and not from the government system.

Cyber intelligence firm, Cyble provides real-time insights into cyber threats and risks using Artificial Intelligence. According to news agency PTI, the cyber security company said, "We came across a non-reputed actor who is currently selling over 1 lakh Indian National IDs on dark net. With such a low reputation, ideally, we would have skipped this; however, the samples shared by the actor intrigued our interest -- and also the volume. The actor is alleged to have access to over 1 lakh IDs from different places in India.”

The Cyble researchers acquired around 1,000 IDs from the seller and confirmed that the scanned IDs belong to Indians.

Cyble claimed that the leaked data may have been originated from a third party and not from the government. They said, "Preliminary analysis suggests that the data originated from a third party, and no indication or artefact is indicating that it came from a government system. At this point, Cyble researchers are still investigating this further -- we are hoping to share an update soon.”

The scanned ID documents indicate that the data may have been leaked from a company's data-base in the segment where they have to comply with 'Know Your Customer' (KYC) norms.

The personal data leaked by cyber criminals leads to various nefarious activities such as identity thefts, scams, and corporate espionage. Many criminals use the personal details in the IDs to win trust of the people over a phone call for fraudulent activities.

To protect people from frauds, the cyber intelligence firm has recommended people to refrain from sharing personal information especially financial information over phone, e-mail or SMS. They further asked to regularly monitor our financial transactions, and to contact immediately in case of any suspicious transaction.

In May, Cyble showed two instances where personal data of 7.65 crore Indians have been put on sale in the dark web. In one instance, the seller claimed to have sourced data of 4.75 crore Indians from online directory Truecaller and in other, the seller claimed to have sourced from job websites. Truecaller, however, had denied the claim of breach in its database.


(With PTI Inputs)

Posted By: Talib Khan