Security News > 2022 > September > Swachh City Platform Suffers Data Breach Leaking 16 Million User Records

A threat actor by the name of LeakBase has shared a database containing personal information allegedly affecting 16 million users of Swachh City, an Indian complaint redressal platform.

Leaked details include usernames, email addresses, password hashes, mobile numbers, one-time passwords, last logged-in times, and IP addresses, among others, according to a report shared by security firm CloudSEK with The Hacker News.

The Swachhata Platform is part of the Indian government's Swachh Bharat Mission nationwide initiative to "Achieve universal sanitation coverage."

According to Cyble, the database comprises 101,718 unique email addresses and 15,835,111 unique mobile numbers, putting users at risk of phishing, smishing, social engineering, and identity theft.

The cybersecurity firm said that the breach possibly leveraged compromised credentials belonging to administrator and non-administrator accounts, likely obtained by means of a brute-force attack.

Users of the service are recommended to implement a strong password policy, rotate passwords, and enable two-factor authentication.

News URL

https://thehackernews.com/2022/09/swachh-city-platform-suffers-data.html