Exposing the Vulnerabilities: Recent Data Breaches in India and Their Fallout – Part II

In 2023, India ranked 5th globally for data breaches, with 5.3 million accounts compromised out of 299.8 million worldwide. This figure underscores the nation’s precarious position in the face of escalating cyber threats. As India’s digital infrastructure continues to expand, it becomes increasingly susceptible to breaches that threaten both individual privacy and institutional integrity.

This second part of our two-part series examines some of the most significant data breaches of 2023-2024, highlighting their scale and impact. These incidents expose a critical vulnerability in India’s cybersecurity defenses, which remain ill-equipped to combat increasingly sophisticated threats.

Let’s continue exploring these breaches and offer strategies for organizations to better protect their digital assets in this evolving landscape.

Angel One Data Breach

One of the most prominent breaches in early 2024 was reported by Angel One, a Mumbai-based stockbroking firm. A hacker claimed access to sensitive customer data, including stock holdings and profit and loss statements. The firm stated that this breach occurred in 2023; the exposed dataset contained information on over 7.9 million customers. Personal details such as email addresses, billing information, contact numbers, and mobile outage records were leaked. This breach highlighted the vulnerability of financial institutions and the severe consequences for customers whose sensitive information was compromised.

Surge in Cyber Attacks During Elections

The correlation between national elections and a rise in cyberattacks is another alarming trend observed in 2024. During the Indian general elections, from April to June, there was a marked increase in cyber incidents. This surge coincided with heightened national activity, with 388 data breaches, 107 data leaks, 39 ransomware attacks, and 59 cases of access sales or leaks being reported over a six-month period. The education, government, and technology sectors were the most targeted, while healthcare and banking also witnessed substantial breaches.

The ransomware group LockBit 3.0 posed a significant threat during this period, and platforms like BreachForums and Telegram emerged as breeding grounds for scams and data leaks. The rise in cybercriminal activity during critical national events emphasizes the need for proactive measures and vigilance during periods of heightened public engagement.

Aadhaar and COVID-19 Data Breaches

In late 2023, two major breaches rattled India’s digital infrastructure. The Aadhaar leak exposed the personal data of 815 million citizens, including names, addresses, Aadhaar, and passport details. Discovered by U.S.-based cybersecurity firm Resecurity, the database was listed for sale on the dark web for $80,000, with links pointing to the Indian Council of Medical Research (ICMR).

Simultaneously, a COVID-19 test data breach compromised the personal information of 81.5 crore Indians, including Aadhaar numbers and health records. While the government swiftly involved CERT-In, the full extent of the breach remains unclear, casting doubts on the security of national health data.

India’s Cybersecurity Readiness: A Grim Outlook

Despite the high volume of cyberattacks, only 4% of companies in India have achieved a mature level of cybersecurity readiness, according to the 2024 Cisco Cybersecurity Readiness Index. This statistic is particularly concerning given India’s status as a global digital hub and its rapid adoption of digital technologies across sectors. As India becomes more integrated into the global digital ecosystem, the need for advanced cybersecurity frameworks becomes increasingly apparent.

Protecting Against Data Breaches: Proactive Measures

The recent string of breaches in India highlights a critical need for enhanced cybersecurity measures across sectors. Here are some best practices for organizations to safeguard against potential threats:

Regular Security Audits: Conduct frequent vulnerability assessments to identify and patch weak spots in your cybersecurity infrastructure.

Data Encryption: Ensure all sensitive information is encrypted, both in transit and at rest, to protect against unauthorized access.

Employee Training: Cybersecurity awareness programs should be mandatory for employees to minimize risks from human error, which often serves as an entry point for attacks.

Incident Response Plans: Develop and maintain an updated incident response plan that outlines clear procedures to mitigate and recover from data breaches.

Two-Factor Authentication (2FA): Implement 2FA across all systems to add an extra layer of protection against unauthorized access.

Regular Backups: Regularly back up all critical data to minimize disruptions in case of a ransomware attack or breach.

The evolving cyber threat landscape demands that organizations in India, particularly in sectors like government, healthcare, and finance, prioritize cybersecurity as a key component of their operational strategy. By adopting proactive measures, businesses can mitigate the risk of data breaches and protect sensitive digital assets.