New Delhi: Personal files and health records of at least 2.46 lakh personnel from the Central Industrial Security Force (CISF) have allegedly been exposed online owing to a data security lapse, claimed a report on Sunday.
A TechCrunch report cited an unnamed security researcher in India as saying that the researcher found a database packed with network logs generated by a security appliance connected to CISF’s network.
“But the database was not secured with a password, allowing anyone on the internet to access the logs from their web browser,” the report alleged.
The logs allegedly contained records for more than 246,000 full web addresses of PDF documents on CISF’s network.
Several of those logs contained personnel files, health records and personally identifiable information on CISF officers.
Some of the files are dated as recently as 2022, according to the report.
The researcher said the security appliance is built by India-based security company Haltdos.
The company, however, did not comment on the report.
In January, reports surfaced that Covid-19 data of over 20,000 Indians, including health workers, in PDF files were available on the Raid Forums website on the Dark Web, and the hacker claims that they were directly coming from a government CDN (content delivery network) server.
The same documents were available freely on Google Search as “List of Beneficiaries Enrolled for Covid Vaccine” with keywords like RT-PCR results.
India’s new water supply manual will replicate past failures
India embarks on the World’s largest film restoration project under National Film Heritage Mission
Indian Coast Guards rescue 32 Bangladeshi fishermen
First plant-based meat products consignment exported to USA from Gujarat
Mallikarjun Kharge takes charge as Congress president