Government's Parivahan website user data reportedly exposed on dark web


By MYBRANDBOOK


Government's Parivahan website user data reportedly exposed on dark web

The government's Parivahan website has likely suffered a data breach, exposing its source code and sensitive data of 10,000 users.

 

According to Cybersecurity firm CloudSEK, its AI digital risk platform found a threat actor sharing the source code of Integrated Road Accident Database (iRAD), an initiative of the Ministry of Road Transport and Highways (MoRTH), on a cybercrime forum.  

 

iRAD, funded by the World Bank, aims to improve road safety in the country. 

 

The data breach was detected by the cybersecurity firm on August 2. "Our source was able to obtain the source code, totaling 165 MB in size. Most of the code is written in PHP," says CloudSEK. 

 

"We have found several sensitive assets embedded in the code. The code contained hostnames, database names, and passwords. The usernames and passwords used in the source code were quite simple and could be prone to brute-force attacks with local access to the server," it says. 

 

"We observed that the source code includes references to sms.gov.in, a NIC SMS Gateway that enables government departments to integrate and send citizen-centric SMS to Indian nationals," the cybersecurity firm adds. 

 

Additionally, CloudSEK says the URL embedded in the source code includes fields for username and password, which, if misused, might inadvertently grant unauthorised individuals the ability to send messages to recipients. 

 

The leaked information could be used to gain initial access to the website's infrastructure, the cybersecurity firm says, while further adding that if the leaked passwords are not encrypted, it could enable account takeovers. Commonly used passwords or weak passwords could lead to brute force attacks, CloudSEK claims, adding it would equip malicious actors with the details required to exfiltrate data and maintain persistence. 

 

The data security firm finally suggests implementing a strong password policy and enabling MFA (multi-factor authentication) across logins.  

 

"Patch vulnerable and exploitable endpoints. Monitor for anomalies in user accounts, which could indicate possible account takeovers. Scan repositories to identify exposed credentials and secrets," it advises. 

 E-Magazine 
 VIDEOS  Placeholder image

Copyright www.mybrandbook.co.in @1999-2024 - All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.
Other Initiatives : www.varindia.com | www.spoindia.org