Earlier this month, the provident fund (PF) data of around 28 crore Indians was leaked by hackers. Bob Diachenko, a cyber security researcher from Ukraine, conducted a search on August 1 and found that details such as Universal Account Number (UAN), name, marital status, Aadhaar details, gender and bank account details had surfaced online. According to Diachenko, they found two different Internet Protocol (IP) addresses hosting the two groups of leaked data. Both of these IPs were hosted on Microsoft’s Azure cloud storage service.
Diachenko elaborated on the leak in a post on LinkedIn. On 2 August, he discovered two different IPs hosting clusters of data that contained an index called UAN. On reviewing the clusters, they found that the first cluster contained 280,472,941 records, while the second contained 8,390,524 records.
“After a quick review of the samples (using a simple browser), I was sure I was overlooking something big and important”, Diachenko said in his post. However, he was not able to ascertain who owns the data. Both IP addresses were hosted on Microsoft’s Azure platform and were India-based. He was not able to obtain other information through reverse DNS analysis.
These clusters were found on August 1 by Diachenko's firm SecurityDiscovery using the Shodan and Censys search engines. However, it is not clear how long this information was available online. The data could have been misused by hackers to gain access to PF accounts. Data such as name, gender and Aadhaar details can also be used to create fake identities and documents.
The researcher tagged the Indian Computer Emergency Response Team (CERT-In) in a tweet to inform them about the leak. CERT-In responded to his tweet and asked him to report the hack in an email. Both IP addresses were taken down within 12 hours of his tweet. Diachenko says no company or agency has come forward to claim responsibility for the hack since Aug.