A massive data breach has allegedly been reported in the Indian state of Tamil Nadu, where apparently data of over 600,000 migrant employees has been leaked on dark web.
A thread actor, who identified himself as Pills, claimed to have allegedly leaked the data. In a post on June 4, 2024, on the popular hacking site BreachForums, the threat actor claimed to be selling the complete database of migrant workers in Tamil Nadu.
Why Migrant Workers Flock to Tamil Nadu for Employment?
Tamil Nadu is one of the most industrialized states in India and is the country’s major hub for automobile manufacturing, textiles, agritech, and electronics parts and equipment. Owing to huge demand for workers in these sectors, which offer better salaries and continuous employment, laborers from other states tend to migrate to Tamil Nadu. Though the exact number of migrant workers currently working in the State is unknown, the number of workers registered on the Labor Department’s portal as of March 2023 is 600,000.
Portal to Track Migrant Workers in Tamil Nadu Allegedly Hacked
To keep track of the influx of migrant workers into the state and to ensure that they are provided with proper facilities, the Tamil Nadu Government launched a portal, http://labour.tn.gov.in/ism, in June 2023. Local entrepreneurs who employed these workers in shops, commercial establishments, hotels, restaurants, agriculture, schools, colleges, local bodies, and motor establishments were asked to create a login ID, submit details like a registration certificate, license number issued by the Labor Department, and fill in details about the migrant workers, such as their name, mobile number, date of birth, bank account details, address, and educational qualifications.
Additionally, migrant workers in the construction sector were asked to furnish their employment certificate, age proof (to ensure no minors below the age of 18 were employed), bank passbook, and documents for legal heir or nominee as a legal heir were to be submitted so that the kin of workers would be eligible for a claim of INR (Indian Rupees) 500,000 in case of death to the worker. Additionally, the workers were eligible for insurance coverage of up to INR 200,000.
Decoding Tamil Nadu Migrant Workers Data Breach
Thread Actor Pills on BreachForums has allegedly carried out a data breach on the above portal, which, at the time of writing this article, continues to remain inactive. According to the information posted by the threat actor, Pills is selling the full database of laborers, that includes a list of registered users and applications.
The price quoted by the TA for selling the database is, however, not clear. A closer inspection on the sample data shared by the threat actor revealed that there are 2,356,430 rows of applications, 101,446 rows of contractors and 66,917 rows of registered users.
The Tamil Nadu government officials are yet to react to this alleged data breach. The article would be updated based on further input.
This is not the first time that a key website of the Tamil Nadu Government has been breached. In May 2024, miscreants hacked the Facial Recognition Software (FRS) portal of Tamil Nadu police. The portal contained more than 60 lakh records of individuals, including pictures, names, FIR numbers, and details of police officers. It was being used by more than 46,000 people in the department across the state to identify and track suspects, missing people, and others through facial recognition.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
