Massive leak of government data, defense personnel detected, 7 arrested

The seven people arrested belonged to a gang involved in selling more than 140 different categories of information, including mobile phone numbers of NEET people and students, Cyberabad Police Commissioner Stephen Raveendra told reporters on Thursday. journalists in Hyderabad. They had sold data to at least 100 fraudsters, who used it to commit cybercrimes.

The defendants operated through three call centers in Noida and elsewhere and were arrested in Delhi.

“This will have serious implications for national security. The data of defense and government employees can be used for espionage, to impersonate them and to commit serious offenses that could compromise national security. We we are in the process of finding out how this data was leaked and who the insiders are doing it,” he added.

The accused sold data through a contact directory service provider and similar platforms and had sold the data of 50,000 citizens for as little as 2,000 rupees, police said.

Notices will be sent to service providers and they will be reviewed and legal action will also be taken against them, police said.

“When an individual calls the toll-free numbers of service providers for any industry or category of confidential data of individuals, their query is logged and sent to that category of service providers. Then these fraudsters contact the customers and send them samples. If the customer agrees to buy, he makes the payment and receives the data,” the police said, explaining the modus operandi.

The defendants had aggregated data disclosed by different organizations and, after registering as service delivery agents, sold the data to cybercriminals, police said.

Data sold with consent, but without people’s knowledge

DCP (Cybercrime Wing) Ritiraj said that a complaint has been filed with the Cyber ​​Crime Wing of the Cyberabad Police regarding the sale and purchase of confidential and sensitive data even as the police are also investigating how cybercriminals had access to the data. The police have been working on the case for two months.

Deputy Commissioner of Police (Crimes) of Cyberabad Police, Kalmeshwar Shingenavar said that during investigations, private organizations were found to be collecting data both with consent and without knowledge. individuals. There is no privacy or data protection policy offered by most of these private organizations that own and process individuals’ data, he said.

The defendants were also found selling information in categories such as the energy and electricity sector, PAN card data, government employees, gas and oil, HNI (high value individuals high net worth), demat accounts, student databases, women’s databases, data of people who applied for loans and insurance, and credit and debit card holders (from private banks ), WhatsApp users, Facebook users, employees of IT organizations, frequent travelers, etc.

NEET student data, with their names, mobile phone number and residential address, was also found with the accused. A PAN card database containing sensitive information about citizens’ income, email ids, phone numbers and address was also found.

As many as 1.2 crore WhatsApp users and 17 million Facebook users were also targeted in the data theft, police said. Police also found data regarding two crore students, 12 lakh CBSE Class 12 students, 40 lakh job seekers, 1.47 crore car owners, details of 11 lakh government employees and 15 lakh IT professionals , among others.

In addition, a database of three million individual mobile phone numbers, likely leaked by telecommunications service providers, was also found, the commissioner said.

Sensitive data that has been leaked can be used for unauthorized access to important organizations and institutions. PAN card data can be used to commit serious financial crimes. It is used to commit a large number of cybercrimes where perpetrators gain the trust of victims by disclosing such information, police added.

(including agency contributions)