Saturday, June 12, 2021

Data breaches expose emails, passwords of several government officials to hackers


New Delhi: Emails and passwords of hundreds of Union government officials have been exposed to hackers due to the recent data breaches of Air India, Domino’s and Big Basket, the government has warned officials.

The internal communication, accessed by The Hindu, said the compromised emails on government domains such as and are potential cyber threats as they are being used by “adversaries” to send malicious mails to all government users.

Days after the alert was sent on June 10, several government offices, including Defence Ministry officials, were targeted by a malicious web link sent on WhatsApp and SMS, asking them to update their vaccination status.

Air India informed passengers on May 15 that its passenger service system, provided by multi-national IT company SITA, was subjected to a sophisticated cyber attack in the last week of February which affected around 45 lakh “data subjects” in the world registered between August 26, 2011 and February 3, 2021. Government officials are frequent Air India flyers.

The alert sent to officials said, “It is intimated that recent data breaches of Air India and other companies like Domino’s, Big Basket etc. have resulted in exposure of e-mail ID and passwords of many users, which includes lots of government email IDs as well. All such compromised gov. domain emails are potential cyber threats as they are being used by the adversaries to send out malicious mails to all gov email users. It may please be noted that largely these are name based email IDs which are available with the malicious actors.”

It added that malicious actors try to attack government officials through various means such as phishing, where attackers send e-mails to officials and get them to click on an attachment or web link and provide permission. “Either their systems will get infected/compromised or e-mail credentials will be captured by C&C (command and control) server under control of adversaries… Emails coming from any such random user of .gov domain, on any subject line, asking to click on a link or download an attachment are to be considered as malicious and to be ignored and to be deleted. Users are advised to change the password of their e-mail ID which is registered with Air-India, Dominos etc,” the alert mentioned.

The Air India breach involved details such as name, date of birth, contact information, passport information, ticket information, and Star Alliance and Air India frequent flyer data (no password data were affected), as well as credit card data, but no passwords or CVV/CVC numbers were affected.

The airline has said that it is “in liaison with various regulatory agencies in India and abroad, and has apprised them about the incident in accordance with its obligations”.

In response to a query from The Hindu on whether it was contacted by Indian cyber security agencies, SITA replied, “SITA has been engaged with and [is] assisting law enforcement agencies in a number of jurisdictions with their investigations into the incident. SITA has also communicated and cooperated with cyber-security and data protection regulators in a number of jurisdictions. We were not approached by the Indian Defence Cyber Agency (DCA)...” The DCA was recently set up under the Integrated Defence Staff to probe cyber security threats.

12/06/21 Vijaita Singh/Jagriti Chandra/The Hindu
