Laura Dobberstein reports:
Indian infosec firm CloudSEK last week claimed it found records describing 750 million Indian mobile network subscribers on the dark web, with two crime gangs offering the trove of data for just $3,000.
CloudSEK named CYBO CREW affiliates CyboDevil and UNIT8200 as the vendors of a 1.8TB trove, which contains mobile subscribers’ names, phone numbers, addresses, and Aadhaar details.
CloudSEK stated its investigation of the trove saw threat actors claim to have “obtained the data through undisclosed asset work within law enforcement channels” rather than as a result of a leak from Indian telcos. CloudSEK said its initial analysis found that the leak affects all major telecom providers. “The leak of Personally Identifiable Information (PII) poses a huge risk to both individuals and organizations, potentially leading to financial losses, identity theft, reputational damage, and increased susceptibility to cyber attacks,” stated CloudSEK.
Source: The Register.