Govt's Swachh City platform hacked, data of 1.6 cr people at risk: Researchers


New Delhi, Sep 28 (IANS): Cyber-security researchers on Wednesday revealed that hackers have compromised the swachh.city platform, an initiative of the Swachh Bharat Mission in association with the Ministry of Housing and Urban Affairs, that could put "critical information" of nearly 1.6 crore (about 16 million) users at risk.

From the data sample that was disclosed by the threat actor to substantiate his claim on the Dark Web, researchers were able to assess registered email addresses, password hashes, registered phone numbers, transmitted OTP information, login IPs, individual user tokens, and browser fingerprint information of the affected users.

The threat intelligence team of AI-driven Singapore-headquartered CloudSEK said the breach of the Swachhata Platform is the handiwork of threat actor LeakBase.

The finding showed that critical information of approximately 16 million users could be ending up in the wrong hands.

"The adversary, going under the monikers of LeakBase, Chucky, Chuckies, and Sqlrip on underground forums has shared a database containing Personal Identifiable Information (PII) such as email addresses, hashed passwords, User IDs etc, that allegedly affects 16 million users of the swachh city platform," the researchers noted.

LeakBase often operates for financial gain and conducts sales on its marketplace forum on the Dark Web.

"The database of size 1.25 GB has been disclosed under the post and has been hosted on a popular file-hosting platform," informed the team.

LeakBase also offers access to admin panels and servers of most CMS (content management systems).

"As individuals whose personal details such as phone numbers and email addresses are advertised for sale, there is a strong possibility of it being used against them," said CloudSEKA.

This information can be harvested by threat actors to conduct phishing, in the form of fake breach notice emails from Swachh City, and social engineering to reveal more sensitive information.

It would equip malicious actors with details required to launch sophisticated ransomware attacks, exfiltrate data, and maintain persistence, warned researchers.

This information can also be aggregated to further be sold as leads on cybercrime forums.

"Implement a strong password policy and enable MFA (multi-factor authentication) across logins. Patch vulnerable and exploitable endpoints and monitor for anomalies in user accounts, which could indicate possible account takeovers," advised the researchers.

 

  

Top Stories


Leave a Comment

Title: Govt's Swachh City platform hacked, data of 1.6 cr people at risk: Researchers



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.