For the first time in the Indian history and probably in the world, the police officials of Hyderabad City of Telangana, India have arrested a gang for committing data thefts and selling data of appx 16.8 crore citizens including 1.2 crore belonging to WhatsApp, 17 lakhs from Facebook, 2.55 lakhs belonging to armed forces, 15 lakh PAN cards and some belonging to the Aadhaar, similar to that of social security number issued by the government of United States.
The data bust was revealed on March 23rd, 2023, after through verification conducted by the Chief of Cyberabad Police Commissioner, Stephen Ravindra.
According to the crime analysis conducted by the cops, all the accused, who have now been arrested, registered themselves on a renowned service search platform named ‘JustDial’ and started selling the data, as per the demand.
Since the siphoned data includes information related to the military, a special cyber-crime team has been assigned the task to investigate the information theft from espionage angle. As a portion of data belongs to the armed forces personnel and some government employees holding bureaucrat status- an enormous threat to national security as such, info is often used to launch phishing or other forms of social engineering attacks. Voter ID details weren’t leaked in the cyber-attack.
As Justdial has been found guilty for supplying personal info of online users to prospects, a legal action will be taken on the company, says a source from the Commissioner’s Office of Hyderabad.
Data accessed was found to have siphoned from company servers or 3rd parties having access and belonging to Flipkart, Amazon, BigBasket, Airtel, Vodafone, BigBasket, GST Taxpayers, UpStox Community, CRED Database, Loan applicants, Dominos Pizza, LinkedIn, Policy Bazar, and some gambling and betting websites.
Concerningly, some information belonging to Neet students of 2021 and Vedantu was also recovered by the police. The data trove also included information of about 40k individuals belonging to Instagram, Netflix India, Paytm, PhonePe, YouTube and Zomato.
The main accused named Kumar Nitish Bhushan has been taken into custody and after interrogation the cops came to know that the accused was making a living by selling the siphoned data and has till date purchased costly mobile phones, gold jewellery, performed a lavish wedding of one of his family members, arranged costly get-together of his friends on his own expenses, purchased some diamonds, a luxury car/s and is also constructing a house in Delhi NCR.
Coincidentally, the same Cyberabad police also arrested a few criminals who were involved in the crime of stealing credit card details of the Bank of Baroda and State Bank of India customers on pretext renewal or activation of blocked cards.
NOTE- Prime Minister Shri Narender Modi’s issued a ban on big currency notes of Rs 500, Rs 1000 denominations since November 2016 and since then whole of the sub-continent is marching towards digital payments. So, at this juncture, fraudulent data collection and data thefts can lead to more financial frauds on an alarming note.