Security News > 2022 > September > Swachh City Platform Suffers Data Breach Leaking 16 Million User Records
A threat actor by the name of LeakBase has shared a database containing personal information allegedly affecting 16 million users of Swachh City, an Indian complaint redressal platform.
Leaked details include usernames, email addresses, password hashes, mobile numbers, one-time passwords, last logged-in times, and IP addresses, among others, according to a report shared by security firm CloudSEK with The Hacker News.
The Swachhata Platform is part of the Indian government's Swachh Bharat Mission nationwide initiative to "Achieve universal sanitation coverage."
According to Cyble, the database comprises 101,718 unique email addresses and 15,835,111 unique mobile numbers, putting users at risk of phishing, smishing, social engineering, and identity theft.
The cybersecurity firm said that the breach possibly leveraged compromised credentials belonging to administrator and non-administrator accounts, likely obtained by means of a brute-force attack.
Users of the service are recommended to implement a strong password policy, rotate passwords, and enable two-factor authentication.
News URL
https://thehackernews.com/2022/09/swachh-city-platform-suffers-data.html
Related news
- Free, France’s second largest ISP, confirms data breach after leak (source)
- Interbank confirms data breach following failed extortion, data leak (source)
- How to Effectively Manage a Data Breach (source)
- Amazon confirms employee data breach after vendor hack (source)
- HIBP notifies 57 million people of Hot Topic data breach (source)
- US space tech giant Maxar discloses employee data breach (source)
- Fintech giant Finastra investigates data breach after SFTP hack (source)
- Bologna FC confirms data breach after RansomHub ransomware attack (source)
- Rhode Island confirms data breach after Brain Cipher ransomware attack (source)
- Texas Tech University System data breach impacts 1.4 million patients (source)