Major data breach puts 6000 Indian businesses at risk, could affect internet services in India

Yet another data breach has hit Indian businesses, Seqrite Cyber Intelligence Labs and seQtree InfoServices has tracked an advertisement on DarkNet announcing secret access to the servers and database dump of over 6000 Indian businesses, according to an ET report. These businesses include both government and private organisations. It has identified the affected organisation as India's National Internet Registry: IRINN (Indian Registry for Internet Names and Numbers) which comes under National Internet Exchange of India (NIXI).

As a precautionary measure, Seqrite Intelligence Labs has reached out to government authorities and Asia Pacific Network Information Centre (APNIC) with a strong recommendation to alert all potentially affected organisations and urge them to change passwords and get their servers and systems patched with latest updates.

The hacker has priced the information at 15 Bitcoins and is offering network takedown of affected organizations for an unspecified amount. Along with the access, the hacker is also selling credentials, PII and various contractual business documents and claims to have access to a large database of Asia Pacific Network Information Centre (APNIC).

Seqrite said that an ongoing trend is seen with other recent data breaches. They then contacted the actor for further details, posing as an interested buyer, and were finally able to get a sample of the email list. The sample shared included the email address of a prominent Indian technology firm and another from the Indian government; eventually, a list of about 6000 emails was shared which led them to believe that the compromised database was from IRINN. Seqrite said that if the database was sold, then an attack on the system could disrupt Internet IP allocation and in-turn affect Internet services in India.