A threat actor known as ‘Fredens-of-security’ on BreachForums has reportedly taken credit for exposing sensitive data linked to India’s Ministry of Food Processing Industries and purportedly leaked a database associated with India’s Ministry of Health & Family Welfare.
On August 10, 2023, the threat actor made claims for the Indian ministry data breach, targeting the Indian Ministry of Food Processing Industries and the Ministry of Health & Family Welfare.
The claims on the BreachForums platform alleged that a substantial amount of data was compromised in these breaches. However, a closer examination of the details casts doubt on the authenticity of the threat actor’s claims.
While these claims remain uncertain, the potential implications of the Indian Ministry data breach cannot be ignored.
Indian Food Processing Ministry Data breach
According to the posted information, Fredens of Security boasted about leaking a significant amount of data linked to India’s Ministry of Food Processing Industries.
The alleged Indian Food Processing Ministry data breach involved a dataset amounting to 4.5GB, purportedly containing 3 million records.
These records included sensitive information such as phone numbers, email addresses, and house numbers. While Fredens of Security showcased a sample of the compromised data, they did not provide access to the complete dataset.
Further investigation into the sample data indicated that the compromised information potentially originated from the District Resource Person (DRP) and District Nodal Officer (DNO) contacts list.
This list, publicly available on the Ministry’s website, raises skepticism about the authenticity of the Food Processing Ministry data breach.
Indian Ministry of Health data breach
Along with the Food Processing Ministry data, the Fredens of Security hacker group also asserted responsibility for breaching the Ministry of Health & Family Welfare, purportedly accessing a 1.9GB SQL file containing 1 million records.
These records encompassed private information, such as email addresses, telephone numbers, full names, and home addresses.
Similarly to the Food Processing Ministry data breach, Fredens of Security provided sample records for the Ministry of Health data breach but did not offer access to the complete dataset.
According to open source search for the sample data, the sourced data from the Indian Ministry of Health data breach was linked to the Rehabilitation Council of India. It was already publicly accessible via the council’s website.
Treat actor’s claim of Indian Ministry data breach true?
The Cyber Express, in an attempt to verify the validity of the Food Processing Ministry data breach and the Indian Ministry of Health data breach, reached out to the concerned ministries for comments. However, an official response is yet to be received.
The assertions made by Fredens of Security regarding the data breaches within Indian ministries have sparked considerable concern and demand vigilant consideration.
This is particularly critical as the nation approaches its 77th Independence Day on the 15th of August, marking a significant milestone of 76 years since attaining freedom.
While the threat actor claims responsibility for the data breaches in the Food Processing Ministry and the Indian Ministry of Health, confirmation is still pending.
We will provide further updates on this report upon receiving a response from the alleged breached ministries.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
