In early October 2023, Resecurity’s HUNTER (HUMINT) unit identified millions of personally identifiable information (PII) records, including Aadhaar card numbers, belonging to Indian residents, being offered for sale on the Dark Web.
An Aadhaar is a unique, 12-digit individual identification number issued by the Government of India. Beyond the PII found on traditional ID documents, Aadhaars include “core biometrics,” including 10 fingerprints and two iris scans. There are roughly 1.4 billion Aadhaars issued since this ID service launched in 2009.
On October 9, 2023, a threat actor going by the alias ‘pwn0001’ posted a thread on Breach Forums brokering access to 815 million “Indian Citizen Aadhaar & Passport” records. This represents about 55% of India’s total population. The entire dataset was offered for sale for $80,000.
The leak of PII data containing Aadhaar and other details of Indian residents on the Dark Web creates a significant risk of digital identity theft. Threat actors leverage stolen identity information to commit online banking theft, tax refund frauds, and other cyber-enabled financial crimes. Resecurity observed a spike in incidents involving Aadhaar IDs and their leakage on underground cybercriminal forums by threat actors looking to harm Indian nationals and residents. To mitigate this risk, Resecurity acquired the published data set on Dark Web and notified victims of the leaked identities.
Read more about it here.