During the lockdown most part of the population is working from home and lots and lots of data is being transferred over the internet darknet eventually. Which is why cybercriminals have been readily active these days for they know that this scenario provides them a very lucrative and easy to have a fishing pond for their cybercrime activities.
Now, among all this a disturbing news has risen up which is that the personal details of about 2.9 crores Indian job seeker have been released over the darknet.
This is a very serious issue as the details contain very sensitive information ranging from personal identification details tp qualification, bank details, and whatnot. Which can be used by the hackers for potential data and identity theft.
The leak was traced by Cyble, Inc, a U.S.-based cyber intelligence firm founded by global cybersecurity expert Beenu Arora.
Following on the update, cyble posted a blog in which it was stated that the data can be accessed via a compressed file of 2.3 Gigs from the darknet. The data is a summation of resumes from job portals such as Naukri.com, Times Jobs, and much more.
Mr. Arora said, “A Russian-speaking threat actor is responsible for the leak, and it is likely that the data has been floating on the darknet for some time, unnoticed … it’s possible that the leak was made to get attention and rapport in the darknet markets. This reminds us of the same strategy recently deployed by ShinyHunters, a known cybercriminal responsible for Tokopedia, Unacademy, Wishbone, Mathway, and other leaks.”
Mr. Arora said, “Based on current analysis, the information is quite detailed and invasive, and a desirable ingredient for cybercriminals.”
Also, if you ever registered on these kinds of websites and need to check that if you’ve been hacked or not then head over to
Balsing Rajput, Superintendent of Police (Maharashtra Cyber), said. “Data breaches have a serious impact on users, and criminals use the leaked data to commit various cyber-attacks for financial gains or other motives. We are looking into the matter. Users need to update their passwords, opt for two-factor authentication, and conduct regular security checks.”
There are other websites that can be used to check if your data has been breached or not and one similar website is haveibeenpwned.com which is managed and owned by a cybersecurity expert and Special Inspector General of Police, Brijesh Singh.
Mr. Singh said, “If you find that your data has been breached, check your bank and financial statements immediately. If you find any anomaly, report to the bank/wallet/service provider and authorities without delay.”
As stated above the cybercriminal’s profit largely for these kinds of data such as in the case of Shiny Hunters who’ve sold the details of all those companies in millions. There are strong policies being developed against them as of now but more security is always the need of the hour.