Breaches are happening everywhere regardless of the companies. Whether big or small, cybercriminals have elevated their ways to hack into systems no matter the status of the company. Several breaches occurred earlier this year, and now, the Swachh City Platform can be added to the mix.
The Indian complaint redressal platform disclosed the breach and stated that it has affected over 16 million users. That’s a huge number that puts a lot of them at risk. We’re talking identity theft, smishing, social engineering, as well as phishing practices.
When a company with such a database is breached, the impact will be devastating. We saw the same incident when Starbucks Singapore was in the spotlight a couple of weeks ago. This one is no different and here’s what you need to know.
A Leak in the Base – Swachh City Hit Hard
As we mention, breaches lead to many malicious practices if cyber criminals decided to act. Remember when Samsung suffered a data breach earlier this year?
Yes, this breach came back to haunt them a few months later when the threat actors behind it decided to use this data. Now, the Swachh City Platform is in the same predicament but the malicious practices are already in place.
The Swachhata Platform is part of the Indian government’s Swachh Bharat Mission. This translates to the Clean India Mission nationwide initiative which is created to achieve universal sanitation coverage.
Cybersecurity firm Cyble monitored the breach and stated that the database comprises 101,718 unique email addresses and 15,835,111 unique mobile numbers.
These details can put users at risk as cybercriminals can perform all sorts of malicious practices, including phishing campaigns.
Not only that, but Cyble also claims that the breach occurred due to the threat actors acquiring compromised credentials belonging to administrator and non-administrator accounts.
How did they get their hands on such information? They might have used brute-force attacks to gain access to these credentials. Apparently, the threat actors last signed in to the compromised account back on May 20, 2022.
In other words, the data exfiltration activity took place then. The threat actors have had the information for about 5 months. Unfortunately, the hackers (LeakBase) shared the information online:
As of now, Swachh’s website is unavailable. However, all users are recommended to implement the strongest security policies possible.
That includes creating strong passwords, changing any duplicate passcodes, as well as enabling two-factor authentication.
Swachh Breach – LeakBase Scores Big
LeakBase has been active forums since March 29, 2022. With over 391 posts and a positive reputation for their leaks and alleged compromises – this group seems to have a lot of potential in the cybercrime world.
As mentioned, users are recommended to take all the necessary precautions to protect themselves. Not only that, but they should also be very vigilant as their details might be used in future malicious activities.