Prime Minister Narendra Modi's personal website data has allegedly been leaked on the dark Web. The leaked data is said to include a “substantial amount” of personally identifiable information of lakhs of people. This includes name, email addresses, and mobile numbers, according to a report. The latest development comes just over a month after Prime Minister Narendra Modi's personal website's Twitter account was hacked. Several tweets were posted at that time, asking for people to donate cryptocurrency to the PM's National Relief Fund.
Cybersecurity firm Cyble claimed that it was tipped off on October 10 about the databases of the Prime Minister's personal website, Narendramodi.in, being available on the dark Web. Upon analysing the data leak, the firm allegedly found personally identifiable information of over 5,74,000 users, with over 2,92,000 of them appearing to have made donations through the website.
Indian Computer Emergency Response Team (CERT-In) did not immediately respond to a request for comment on the matter. There is also no official statement in response to the alleged leak on the dark Web.
Gadgets 360 wasn't able to independently verify the data leak. We reached out to Cyble regarding the reason behind the leak. To this, the firm's CEO Beenu Arora said, “The exact reason for this leak is unknown; however, a lot of the leaks, in general, occur for monetisation. In our opinion, given the gravitas of the website, we do recommend relevant authorities to strengthen further the security posture of their applications, especially third parties.” Information shared with Gadgets 360 by the firm shows that the data leak included donation details from Narendramodi.in.
One of the leaked databases is said to include details of financial transactions made by donors for contributing to the ruling Bhartiya Janta Party (BJP) through the Prime Minister's personal site. Some screenshots were shared with Gadgets 360 highlighting details including the names, email addresses, mobile numbers, and payment modes of the donors.
“With such a large repository of unauthorised personal information of Indian citizens, the data has a potential for being misused for malpractices such as phishing emails, spam text messages, etc,” the firm said in a blog post.
Databases from the Narendramodi.in website might have been extracted from AWS-hosted instances and related to its subdomains, according to the initial investigation made by the firm.
Alongside what has been analysed, the bad actor putting the data on the dark Web is likely to have accessed other documents and files of the Prime Minister's personal website. The website allegedly resulted in the breach of its Twitter account early last month. Cyble noted in the blog post that it informed CERT-In that the Twitter account was compromised through the website's configuration linked with Twitter.
Should the government explain why Chinese apps were banned? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts, Google Podcasts, or RSS, download the episode, or just hit the play button below.