MY BRAND BOOK Government's Parivahan website user data reportedly exposed on dark web

Government's Parivahan website user data reportedly exposed on dark web

By MYBRANDBOOK

The government's Parivahan website has likely suffered a data breach, exposing its source code and sensitive data of 10,000 users.

According to Cybersecurity firm CloudSEK, its AI digital risk platform found a threat actor sharing the source code of Integrated Road Accident Database (iRAD), an initiative of the Ministry of Road Transport and Highways (MoRTH), on a cybercrime forum.

iRAD, funded by the World Bank, aims to improve road safety in the country.

The data breach was detected by the cybersecurity firm on August 2. "Our source was able to obtain the source code, totaling 165 MB in size. Most of the code is written in PHP," says CloudSEK.

"We have found several sensitive assets embedded in the code. The code contained hostnames, database names, and passwords. The usernames and passwords used in the source code were quite simple and could be prone to brute-force attacks with local access to the server," it says.

"We observed that the source code includes references to sms.gov.in, a NIC SMS Gateway that enables government departments to integrate and send citizen-centric SMS to Indian nationals," the cybersecurity firm adds.

Additionally, CloudSEK says the URL embedded in the source code includes fields for username and password, which, if misused, might inadvertently grant unauthorised individuals the ability to send messages to recipients.

The leaked information could be used to gain initial access to the website's infrastructure, the cybersecurity firm says, while further adding that if the leaked passwords are not encrypted, it could enable account takeovers. Commonly used passwords or weak passwords could lead to brute force attacks, CloudSEK claims, adding it would equip malicious actors with the details required to exfiltrate data and maintain persistence.

The data security firm finally suggests implementing a strong password policy and enabling MFA (multi-factor authentication) across logins.

"Patch vulnerable and exploitable endpoints. Monitor for anomalies in user accounts, which could indicate possible account takeovers. Scan repositories to identify exposed credentials and secrets," it advises.

BREAKING NEWS

Cisco announces AI-native secure Wi-Fi 7 for future-ready employe...

Announcing a major leap in wireless technology, Cisco has launched its Wi...

The BSE benchmark Sensex tumbled over 800 points, leaving investo...

The BSE benchmark Sensex recently experienced a significant drop, tumblin...

North Korean GPS Interference Disrupts Air Traffic...

South Korea's military has publicly accused North Korea of disrupting GP...

US ordered TSMC to halt chip shipments to China...

TSMC has had regular discussions with the government on export control issu...

TECHNO TRENDS

Nazara and ONDC set to transform in-game monetization with ‘

Nazara Technologies has teamed up with the Open Network for Digital Comme...

Jio Platforms and NICSI to offer cloud services to government

In a collaborative initiative, the National Informatics Centre Services In...

BSNL awards ₹5,000 Cr Project to RVNL-Led Consortium

A syndicate led by Rail Vikas Nigam Limited (abbreviated as RVNL), along wi...

Pinterest tracks users without consent, alleges complaint

A recent complaint alleges that Pinterest, the popular image-sharing platf...

E-Magazine

TECHNOTAINMENT

Eloelo teams up with Elvish Yadav for India's biggest digital

Netflix adds 'Moments' feature for saving, sharing scenes from

Netflix has introduced a new “Moments” feature on its mobile app, whic

Jacqueline Fernandez come together with YouTuber Mr. Beast for

Jacqueline Fernandez has partnered with American YouTuber Mr. Beast to b

MOVERS & SHAKERS

Kamal Nath quits SIFY Technologies

Visa elevates Rishi Chhabra as new Country Manager for India

Rishi holds a Master’s in Industrial Engineering from The Ohio State Univ

Genesys welcomes Albert Nel as Senior VP and Regional Sales Le

Genesys continues to deepen its investment in the APAC region. Earlier this

OPEN YOUR EYES

India is the fastest growing digital economies, Shaping Towards the New Normal

A question arises on how would be the future of the workplace?

Many corporates says, Remote Conference Is Inspiring Technology For Good

CIO’s should have the understanding "Jugaad" to overcome technology challenges

Rising Uncertainty On The Start-ups At The Verge Of Collapse

INTERVIEWS

Cisco building a trusted and resilient future for the nation

Alpha Max offers high end solutions in the network space to en

The vision at Alpha Max is to attain quality as the trademark and create a

In India, 88% of Indian business leaders are planning to inves

As we move through 2024, it has become increasingly clear that AI is not ju

HOT PICK

BOULT unveils AmpVault V10 & V20 powerbanks: Fast charging, sa

SonicWall Launches TZ80: A Powerful Solution for Remote Office

SonicWall announced today the launch of the TZ80, a groundbreaking securit

Gigabyte X3D Turbo: A Gaming Revolution

GIGABYTE X3D Turbo Mode is a cutting-edge feature that unifies cores distr

MAKE IN INDIA BRANDS

FIRE BOLTT

INFOSYS TECHNOLOGIES PVT. LTD.

BEETEL TELETECH LTD.

SAMSUNG INDIA ELECTRONICS LTD.

EMINENT CIO'S OF INDIA

AIM TO PUT IA SOLUTIONS WITH A WIDE “GENERAL INTELLIGENCE” SCOPE INTO PRACTICE

Our firm is fortunate to be led by distinguished i...

SUSTAINING SUCCESS BY DELIVERING VALUE TO CUSTOMERS

This includes conducting regular audits, risk asse...

AI SYSTEMS ARE ENABLING A SEISMIC SHIFT IN THE WORLD OF CYBERSECURITY

AI’s analytical prowess enables it to analyze an...

ICONS OF INDIA

Icons Of India : NATARAJAN CHANDRASEKARAN

Natarajan Chandrasekaran (Chandra) is the Chairman of Tata Sons, the h...

Icons Of India : NANDAN NILEKANI

Nandan Nilekani is the Co-Founder and Chairman of Infosys Technologies...

Icons Of India : MUKESH D. AMBANI

Mukesh Dhirubhai Ambani is an Indian businessman and the chairman and ...

PARTNER SPEAKERS

Aiming To Elevate Value Proposition With Strategic Initiatives

Inflow Technologies leverages data-driven insights to gauge brand awareness an...

Revolutionizing surveillance industry with innovative range of accessories

Adoption of digital technology is essential for real growth and without this s...

Ensuring Mutual Success By Aligning Partner's Needs

The IT industry is one of the most dynamic industries. Here, not only does the...

PSU

EESL - Energy Efficiency Services Limited

EESL is uniquely positioned in India’s energy sector to address ener...

HPCL - Hindustan Petroleum Corporation Ltd.

HPCL is an integrated oil and gas company involved in refining, market...

TCIL - Telecommunications Consultants India Limited

TCIL is a government-owned engineering and consultancy company...

VIDEOS

Top 25 Brands

Most Trusted Brands 2024 : Ingram Micro India

Ingram Micro India’s strong brand connection is built on its distribution ne...

Most Trusted Brands 2024: Apple India Pvt. Ltd.

five decades after its founding, Apple has redefined modern computing, emphasi...

Most Trusted Brands 2024 : Samsung Electronics Co. Ltd.

Samsung invests heavily in marketing campaigns to promote...

Global Indian industry

Indian Tech Talent Excelling The Tech World - JAY CHAUDHRY, CEO – Zscaler

Jay Chaudhry, an Indian-American technology entrepreneur, is the CEO a...

Indian Tech Talent Excelling The Tech World - Sanjay Mehrotra, CEO- Micron Technology

Sanjay Mehrotra, the President and CEO of Micron Technology, is at the...

Indian Tech Talent Excelling The Tech World - Vinod Dham, Founder & Executive Managing Partner, IndoUS Venture Partners

Vinod Dham, known as the “Father of the Pentium Chip,” has left an...

STARNITE AWARDS 2024

ITFORUM 2024

CMO of the Year

WOMEN LEADERSHIP

IMAGE GALLERY

TRENDS IN TECHNOLOGY