DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

In: 320,000 Patient Records From Ayush Jharkhand Gov Leaked on Hacking Forum

Posted on September 4, 2023 by Dissent

CloudSek reports:

  • On 14 August, CloudSEK’s contextual AI digital risk platform XVigil discovered a threat actor Tanaka sharing a database marked as bitsphere[.]in on an english speaking hacking forum.
  • Analysis of the database reveals that the following information has been leaked:
    • More than 3 lakh 20 thousand patient records containing their PII information and medical diagnosis.
    • 500 login credentials with multiple cleartext passwords as well.
    • Contact information of 737 people who used the contact us form
    • On investigation of the data, it was revealed that this data has been taken from the servers of ayush.jharkhand.gov.in which are developed by bitsphere.in.
    • This data was attributed to ayush jharkhand’s website by correlating chatbot data and blogpost data shared by the threat actor with the publicly available data on the website.

Read more of their findings on CloudSek.

Tanaka is a frequent contributor on a hacking forum that is also on clearnet, and has almost 150 listings that consist of databases, combolists, and other types of leaks. They were also on the previous version of BreachForums (Breached.vc), and do not appear to be a native English speaker.

Category: Breach IncidentsGovernment SectorHealth DataNon-U.S.

Post navigation

← Pizza Hut Australia customer data hacked; ShinyHunters claims to have more than 1 million customers’ information
Ukraine’s CERT Thwarts APT28’s Cyberattack on Critical Energy Infrastructure →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • ICE takes steps to deport the Australian hacker known as “DR32”
  • Hearing on the Federal Government and AI
  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Decision That Murdered Privacy
  • Hearing on the Federal Government and AI
  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.