Details of 2.90 crore job seekers on dark net-THE HINDU-24-05-2020

Details:

Personal details of about 2.90 crore Indian job seekers have been found dumped on the dark net, raising concerns among cyber crime agencies and experts in India over a massive data breach. The data leak was uncovered on Friday by Cyble, Inc, a U.S. -based cyber intelligence firm founded by global cybersecurity expert Beenu Arora.

On Saturday morning, Cyble posted an update on its official blog that the names, addresses and contact numbers belonged to job seekers from cities such as Mumbai, Chennai, Delhi, Hyderabad, Pune and Bengaluru. The data is available for free download in a 2.3-gigabyte compressed file, according to the blogpost.

This reminds us of the same strategy recently deployed by ShinyHunters, a known cybercriminal responsible for Tokopedia, Unacademy, Wishbone, Mathway, and other leaks. ShinyHunters leaked details hacked from Tokopedia, Indonesia’s largest online store, for free and later sold them for millions of U.S. Spurred by their success, ShinyHunters went on to target at least 10 more servers, including Unacademy, an Indian learning platform.

Cyble, in its blogpost, said it has acquired the leaked data and job seekers can register at AmIbreached. Com, its data breach monitoring and notification service, to confirm if their information is part of the data.

Indian cyber crime investigation agencies are also trying to trace the source of the leak and find out more about the hacker, sources confirmed. “Data breaches have a serious impact on users, and criminals use the leaked data to commit various cyber attacks for financial gains or other motives.

Brijesh Singh, cyber expert and Special Inspector General of Police, said people can find out if their details have been hacked by checking websites like haveibeenpwned. Com, which maintain databases of breached data.