A data breach that could potentially affect over 6,000 Indian organisations, including the Unique Identification Authority of India, Reserve Bank of India, Bombay Stock Exchange and Flipkart, has been addressed by the arm of the government responsible for handling the registry that was allegedly compromised.
A cybersecurity firm in Pune, along with its partner, had said on Friday that it had tracked an advertisement on the DarkNet offering access to the servers and database dump of over 6,000 Indian businesses.
“Following a detailed research, the team identified the affected organization as India’s National Internet Registry: IRINN (Indian Registry for Internet Names and Numbers) which comes under NIXI (National Internet Exchange of India),” said Rohit Srivastwa of Seqrite’s Cyber Intelligence Labs in a blog post published last week.
However, Srivastwa told Moneycontrol on Tuesday that NIXI has contacted all or most of the affected people and stakeholders. “They are also being contacted by NCIIPC (National Critical Information Infrastructure Protection Centre), and have notified all the people,” he said.
An email to the CEO of NIXI was not immediately answered.
The DarkNet can be understood as a digital underworld that is inaccessible to most and where illicit marketplaces exist for things such as stolen identity information.
The teams at seQtree and Seqrite had contacted the dealer offering the Indian entities’ details, posing as an interested buyer, and obtained a sample of the information the dealer had.
In the sample, the team found email addresses belonging to a prominent Indian technology firm and another email address from the Indian government, with about 6,000 emails in total.
The dealer also shared screenshots of the compromised registry, which the cybersecurity firms’ team established to be IRINN.
Among the companies whose emails they found were Tata Consultancy Services, Wipro, Indian Space Research Organisation, Mastercard/Visa, Spectranet, Hathway, IDBI Bank and EY.
The dealer could have had access to usernames, email IDs, passwords, organisation names, invoices and billing documents, and a few more important fields, and could have potentially shut down an entire organisation.
This person or entity was offering this database for 15 bitcoins, which amounts to about Rs 42 lakh.
“Disrupting the internet is one small part of the real risks if the data falls into wrong hands,” said Ankush Johar, director of BugsBounty.com, a crowd-sourced security platform for ethical hackers and organisations. “If exploited, a malicious user could infect even the most trusted and secured websites & servers to display real looking, backdoored pages and steal critical information of hundreds of millions of Indians.”