The Delhi Police recently arrested four people from different states in connection with the Indian Council of Medical Research (ICMR) data leak, shedding light on the massive data breach that exposed the personal information of over 81 million Indians.
The ICMR data leak came to light more than two months ago when the Central Intelligence Agency found that sensitive information, including Aadhaar and passport records, had been siphoned from the ICMR data bank and put up for sale on the dark web. During interrogation, the suspects claimed that apart from ICMR data, they also stole information from the US Federal Bureau of Investigation (FBI) and Pakistan’s Computerized National Identification Card (CNIC). According to a report in The Indian Express, the ICMR data leak was first reported To the Computer Emergency Response Team of India (CERT-In), which verified the authenticity of the data leak by cross-checking it with the relevant departments, prompting them to match it with the actual data.
Investigators discovered that data on approximately 1,000 individuals had been published as samples on the dark web. They selected 50 of these people and matched them, and when matches were found, they launched an investigation into the ICMR data leak. This led to the Delhi Police registering a First Information Report (FIR) earlier this month.
The arrested suspects were taken to a Delhi court and remanded in custody for seven days. Despite their different backgrounds, they are collectively accused of breaching the security and privacy of a large number of individuals through the ICMR data leak.
The ICMR data breach is an ongoing incident that highlights India’s cyber security vulnerabilities. Cyber Express is closely monitoring this situation and will update this article as more information becomes available about the hack and the individuals involved in this operation.
Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference only, and the user is fully responsible for its accuracy. Cyber Express is not responsible for the accuracy of this information or the results of its use.