Over 1 lakh national IDs of Indians put on dark net for sale: Cyber intelligence firm

The scanned ID documents indicate that the data may have been leaked from a company's data base. (Photo: iStock)


Over 1 lakh scanned copies of Indians’ national IDs, including Aadhaar, PAN card and passport, have been put on dark web for sale, cyber intelligence firm Cyble said on Wednesday.

The leaked data seems to have originated from a third party and not from the government system, according to a report by Cyble.

“We came across a non-reputed actor who is currently selling over 1 lakh Indian National IDs on the dark net. With such a low reputation, ideally, we would have skipped this; however, the samples shared by the actor intrigued our interest — and also the volume. The actor is alleged to have access to over 1 lakh IDs from different places in India,” Cyble said.

The personal data leaked by cyber criminals leads to various nefarious activities such as identity thefts, scams, and corporate espionage. Many criminals use the personal details in the IDs to win trust of the people over a phone call for fraudulent activities.

The Cyble researchers acquired around 1,000 IDs from the seller and confirmed that the scanned IDs belong to Indians.

“Preliminary analysis suggests that the data originated from a third party, and no indication or artefact is indicating that it came from a government system. At this point, Cyble researchers are still investigating this further — we are hoping to share an update soon,” Cyble said.

The scanned ID documents indicate that the data may have been leaked from a company’s data base in the segment where they have to comply with ‘Know Your Customer’ (KYC) norms.

“Cyble researchers have also learned about a surge in KYC and banking scams — leaks such as this are often used by scammers to target individuals, especially elderlies,” Cyble said.

The cyber intelligence firm has recommended people to refrain from sharing personal information especially financial information over phone, e-mail or SMS.

“Regularly monitor your financial transaction, if you notice any suspicious transaction, contact your bank immediately,” the company said.

In May, Cyble showed two instances where personal data of 7.65 crore Indians have been put on sale in the dark web. In one instance, the seller claimed to have sourced data of 4.75 crore Indians from online directory Truecaller and in other, the seller claimed to have sourced from job websites.

Truecaller, however, had denied the claim of breach in its database.