Recently, an unidentified threat actor using the pseudonym ‘dawnofdevil’ declared unauthorized access to an email account hosted on India’s Income Tax Department domain, incometax.gov.in. The individual claimed to have breached the department’s security, offering access for $500 and encouraging potential buyers to make contact privately. This alleged compromise raises substantial concerns about the confidentiality and integrity of sensitive data stored within the department, particularly as the compromised email could be exploited to register on various government-affiliated websites under the ‘gov.in’ domain.
The hacker’s assertion also implies that the breached email could bypass registration processes for websites tied to Indian government entities. While ‘dawnofdevil’ has reportedly tested the compromised email on multiple government-affiliated sites, the validity of these claims and the actual impact of the breach remain unverified. The Income Tax Department of India, responsible for the compromised domain, incometax.gov.in, has yet to comment or confirm the breach, highlighting the need for prompt investigations and enhanced security measures to prevent further unauthorized access and potential misuse of sensitive government data. As the cybersecurity community delves deeper into assessing the breach’s scope, it is essential to fortify security protocols to mitigate risks and protect vital government information.
Referral link
