Ukrainian researcher claims Provident Fund data leak of 28 crore Indians

UANs, Aadhaar and Bank account details allegedly leaked by hackers earlier this month.

By Digit NewsDesk | Published 08 Aug 2022 20:45 IST
  • Bob Diachenko, a Ukraine Researcher made the discovery of this leak.

  • PF of 28 crore consumers were leaked through two different IPs.

  • The leak was informed to CERT-In and the two IPs were taken down within a few hours.

Ukrainian researcher claims Provident Fund data leak of 28 crore Indians
Ukrainian researcher claims Provident Fund data leak of 28 crore Indians

About 28 crore consumers’ Provident Fund (PF) data was leaked by hackers in the beginning of August. Bob Diachenko, A cybersecurity researcher from Ukraine, discovered this on August 1. He found that Universal Account Number (UANs), names, marital status, Aadhaar details, gender, and bank account details were released online. He found two clusters of leaked data on two different internet portals. These IPs were hosted on Microsoft's Azure cloud storage service.

Bob Diachenko took to his LinkedIn to post about this leak. He discovered the UAN on two IPs. When he reviewed the clusters he found that the first cluster contained 280,472,941 records, whereas the second IP contained 8,390,524 records.

In his post, the researcher said he immediately was sure that he was looking at something big and important. He was not able to find who owned the data.

Both the IP addresses were hosted on Microsoft's Azure. Both were also Indian based but he wasn't able to obtain other information via a reverse DNS analysis.

On August 1, The Shodan and Censys search engines from Diachenko's Security Discovery firm found these clusters. It is still not clear how long the information was present online. The data could've been misused by hackers to access the PF accounts. The data like name, gender, Aadhaar details, could also be used to create fake identities and documents.

Indian Computer Emergency Response Team (CERT-In) was tagged in a post on Twitter disclosing the leak. In response, CERT-In first requested the report of the hack in an email. Thereafter, within 12 hours after his tweet, both IP addresses were taken down. No company or agency has taken responsibility for the leak yet according to Bob Diachenko.

For more technology newsproduct reviews, sci-tech features and updates, keep reading

Digit NewsDesk
Digit NewsDesk

Email Email Digit NewsDesk

Follow Us Facebook Logo Facebook Logo Facebook Logo

About Me: Digit News Desk writes news stories across a range of topics. Getting you news updates on the latest in the world of tech. Read More