A cyber security firm alleges that user and donor data of over five lakh people have been stolen from narendramodi.in, the personal website of Prime Minister Modi, and the details are on sale on the dark web.
Cyble, a US-based company specialising in real-time cyber threats to websites and organisations. alleged CERT-India about the breach on narendramodi.in
“There is a high possibility of the data being misused for criminal purposes as it contains personal details of over 570,000 users. This includes PIIs(Personally identifiable information) such as Name, Email ID, contact information, etc,” the company alleged in a blog post on October 16.
The data which was found to be on sale on Dark Web, includes details like contact information, email IDs, details of over two lakh people who have donated through the website to various funds, including to the coronavirus COVID-19 Relief fund, supporting the political party, and other initiatives, e.g. Swachh Bharat.
To get updates, follow us on https://twitter.com/Info_FHNews
On September 3rd, 2020 Twitter confirmed the narendramodi_in account with 2.5 million followers, was hacked.
On October 10th, 2020 Cyble was tipped off that the database of the website is available in the dark web.
Subsequently, the firm acquired and analyzed the data leak, which includes multiple databases. Among the databases leaked, ‘cctransactions’ and ‘users’ contain a substantial amount of PII(Personally identifiable information) data belonging to the Prime Minister’s followers.”
Cyble further added that “Another database which is part of the data leaked showcases details of the financial transaction made by donors for contributing to the fund. This includes non-public data such as bank_ref_no, payment_mode, etc. We estimate that out of 574K users listed on the database, over 292K of them appears to have made donations to the concerned website only.
Currently, there is no official update from CERT-In or from the narendramodi.in website denying or confirming the alleged breach on the site.