Rural Business Incubator of Indian state of Uttarakhand has allegedly been targeted in a cyberattack, linked to threat actor ZALCYBER. Although the RBI data breach reportedly occurred in 2023, it has gained renewed attention due to claims made by the hacker collective on BreachForums.
The IMinistry of Rural Development spearheads various initiatives aimed at alleviating rural poverty through collaborative efforts between the Government of India and state governments.
Among these initiatives is the Rural Business Incubator (RBI), a collaborative program tailored to support youth with innovative business concepts, startups, and nano-enterprises in achieving their entrepreneurial objectives.
If confirmed, the reported RBI data breach could carry significant implications for both individuals and entities.
Addressing the RBI Data Breach
According to assertions made by ZALCYBER, two PDF files containing purportedly extensive data linked to the RBI were posted on BreachForums. One of these files includes applicant information, while the other encompasses administrative data.
In the post, the threat actor had listed RBI, the Reserve Bank of India, as the target. However, there was no data breach at the Reserve Bank of India, the central bank responsible for regulating the Indian banking system. Instead, the claims pertain to the Rural Business Incubator (RBI), a program designed to support innovative business ventures and startups. This was majorly due to the fact that both the bodies are called RBI.
The applicant data file comprised over 2000 records containing various personal identifiers, while the RBI admin file supposedly contained 48 records detailing stages, applications, and service descriptions.
While preliminary investigations tentatively suggest a potential association with individuals applying to the RBI’s enterprise incubation program, the authenticity of the leaked data remains uncertain.
The Cyber Express has reached out to the bank to learn more about the RBI data breach and the reliability of the data. However, at the time of writing this, no official statement or response has been received, leaving the claims for the data breach unverified.
Who is ZALCYBER?
ZALCYBER, a member of BreachForums since February 4, 2024, displays minimal activity with only 1 hour and 39 minutes spent online. Contributing to six threads and posts, they are still establishing their presence on the platform.
Despite their recent engagement, ZALCYBER is yet to earn any reputation points or awards, indicating their status as a newcomer within the community. With the potential for further involvement in discussions and activities, their profile suggests that ZALCYBER might be a new hacker group/individual within the forum.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
