Breach, Threat Management, Data Security

Hackers hold 275M records on Indian citizens for ransom after removing them from open database

One week after a researcher revealed a publicly configured database exposing more than 275 million sensitive records on Indian citizens, a hacking group removed that data and replaced it with an apparent ransom note.

The 275,265,298 records appear to have been collected in a large-scale data scraping operation, according to researcher Bob Diachenko, who found the open MongoDB database and disclosed the matter to the public on May 1. The records include personally identifiable information such as names, email addresses, gender, education level and area of specialization, professional skills, mobile phone numbers, places of employment, employment histories, birth dates and current salaries.

In a blog post yesterday, Diachenko said he had also privately alerted the Indian CERT, yet the database remained open and searchable through May 8, at which time the "Unistellar" hacking group replaced its contents with a message. While the message contained "no specific demands," it did include an email address for the database owner to contact so they could "negotiate the return of data,"
Diachenko told SC Media.

Hosted on Amazon AWS infrastructure, the database was first indexed on April 23, 2019. Diachenko was unable to determine who set up the database. However, "The structure and names of the collections in the database hinted that data was likely collected by anonymous person or organization as part of a massive scraping operation," the researcher concluded in his post.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Related

Nova Scotia Power breach impact detailed

Nova Scotia Power, the Canadian province's leading electric utility, has confirmed having its customers' data pilfered more than a month before the discovery of a systems breach in late April, The Record reports.

Data breach compromises Dior’s Chinese, Korean clients

Data breach compromises Dior's Chinese, Korean clients BleepingComputer reports that French multinational luxury fashion brand Dior has been impacted by a cyberattack last week, which was confirmed to have resulted in the exposure of data from its Chinese and South Korean customers.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

BitCovert ChannelsCryptographic Algorithm or HashCyclic Redundancy Check (CRC)Data Encryption Standard (DES)Data WarehousingDeauthentication AttackDefacementDiffie-HellmanDigital Envelope

You can skip this ad in 5 seconds