Data of 750 million Indian Mobile Users Sold on the Dark Web

Written by Mitchell Langley


February 2, 2024

Data of 750 million Indian Mobile Users Sold on the Dark Web

According to a report from cybersecurity company CloudSEK, a vast database containing the personal information of approximately 750 million Indian Mobile Users made available for sale on the dark web earlier this month.

Data of 750 million Indian Mobile Users Contain 1.8 terabytes of Personally Identifiable Information

The database in question, which spans a size of 1.8 terabytes, includes a wide range of personal information such as names, mobile phone numbers, addresses, and Aadhaar details with the Aadhaar number, a unique identifier used for identification purposes.

As per CloudSEK’s report, the extensive database of Indian mobile network subscribers was advertised on an underground forum by a threat actor named CyboDevil. The threat actor priced the database at $3,000.

Upon analyzing a sample dataset shared by the threat actor, CloudSEK discovered that the information included in the database pertains to subscribers from all major telecom providers in India. Given the vast size of the database, it is estimated to impact approximately 85% of the Indian population.

Threat Actor CyboDevil that Leaked Data of 750 million Indian Mobile Users is Associated with the CyboCrew Group

Approximately two weeks ago, an individual identified as Unit8200 made available a similar dataset on Telegram. It is worth mentioning that both Unit8200 and CyboDevil are associated with the CyboCrew group, known for its activities since July 2023, including potential involvement in multiple data breaches.

CloudSEK reports that when questioned about the origin of the data, the threat actor denied obtaining it through a data breach. Instead, they claimed to have acquired the information through undisclosed asset work within law enforcement channels.

โ€œThe magnitude of this data leak cannot be overstated. With the personal information of 750 million individuals exposed, the potential for cyberattacks and identity theft is unprecedented.

Telecom service providers and the government must validate the data and identify the loophole. This breach underscores the critical need for organizations and individuals to prioritize cybersecurity measures and remain vigilant,โ€

CloudSEK researcher Sparsh Kulshrestha said.

CloudSEK has taken proactive measures by notifying the appropriate authorities and the potentially affected organizations about the breach.

The implications of this leaked information are concerning, as it can be exploited for various malicious activities, including identity theft, financial fraud, scams, and other malicious attacks. It is crucial for individuals and organizations to remain vigilant and take necessary precautions to safeguard their personal and sensitive data.

Related Articles

Daixin Ransomware Claims Omni Hotels Cyberattack

Daixin Ransomware Claims Omni Hotels Cyberattack

The Daixin Team ransomware gang has taken responsibility for a recent cyberattack on Omni Hotels & Resorts and is currently issuing threats to publish sensitive customer information unless a ransom is paid. This development comes after the hotel chain experienced...

Stay Up to Date With The Latest News & Updates

Join Our Newsletter


Subscribe To Our Newsletter

Sign up to our weekly newsletter summarizing everything thats happened in data security, storage, and backup and disaster recovery

You have Successfully Subscribed!