Cybersecurity firm CloudSEK has uncovered a significant security threat: threat actors affiliated with CYBOCREW advertised a massive database containing 1.8 terabytes of data, including 750 million Indian phone numbers. The dataset reportedly includes not only phone numbers but also names, addresses, and Aadhaar details, affecting consumers of major Indian telecom providers. The threat actors, named CyboDevil and UNIT8200, have been linked to CYBOCREW, a relatively new threat group that emerged in July 2023. CyboDevil offered the database for sale on an underground forum, and UNIT8200 shared a similar post on Telegram, demanding $3,000 for the entire dataset.
CloudSEK’s analysis suggests that the leaked data impacts all major telecom providers in India. The threat actors, however, deny any involvement in the breach and claim to have obtained the data through undisclosed work within law enforcement channels. The database poses a significant risk because it contains sensitive information on 750 million individuals, over half of India’s population (1.4 billion). The threat group CYBOCREW has been associated with major breaches targeting organizations in various sectors, including automobile, jewelry, insurance, and apparel.
The emergence of such a massive database underscores the growing challenges of data security and the persistent threats posed by cybercriminals. The sale of comprehensive personal information on an underground forum raises concerns about potential misuse and shows the need for enhanced cybersecurity measures to protect individuals’ sensitive data. As the threat landscape evolves, organizations and individuals alike must remain vigilant and adopt robust security practices to safeguard against cyber threats and data breaches. The incident also highlights the importance of international cooperation and law enforcement efforts to combat cybercrime effectively.