December 3, 2020


Prime Minister’s Private Website Data Leaked

Prime Minister Narendra Modi’s private website data has ostensibly been leaked on the dark Web. The leaked data is said to contain a considerable amount of personally recognizable data information of lakhs of citizens. It contains names, email addresses, and phone numbers. The newest development comes just over one month after PM’s private website’s Twitter account was hacked. Various tweets were posted which asked people to donate cryptocurrency to the Prime Minister’s National Relief Fund.

As per a Cybersecurity firm, the databases of the Prime Minister’s personal website, Narendramodi.in, are available on the dark Web. Upon examining the leaked data, the company has allegedly found personally distinguishable information of over 5 lakh plus users, with over 3 lakh of them appeared to have made donations via the website.

Indian Computer Emergency Response Team did not directly reply to a request for comment on the issue. Also, there is no certified statement in response to the suspected leak on the dark Web.

 

Image from Cyble

 

The firm’s CEO has recently said that the precise reason for this leak is not known; although, a lot of the leaks, occurred for monetization. In our opinion, given the seriousness of the website, they recommend pertinent establishments to reinforce further the safety posture of their apps, specifically 3rd parties.

One of the leaked databases has details of financial payments made by donors for donating to the ruling BJP via PM’s personal website. Some screenshots highlighted details containing the names, email, phone numbers, and transaction modes of the donors.

As per the primary investigation done by the corporation, Databases from the website might have been taken from AWS-hosted instances and they were related to its subdomains.

In conjunction with what has been examined, it is likely to have retrieved other documents and files of PM’s private website. It allegedly gives rise to the breach of its Twitter account previously in September. Cyble has noted that it has informed CERT-In that the Twitter account was compromised via the website’s configuration linked with Twitter.