Security News > 2022 > September > Swachh City Platform Suffers Data Breach Leaking 16 Million User Records
A threat actor by the name of LeakBase has shared a database containing personal information allegedly affecting 16 million users of Swachh City, an Indian complaint redressal platform.
Leaked details include usernames, email addresses, password hashes, mobile numbers, one-time passwords, last logged-in times, and IP addresses, among others, according to a report shared by security firm CloudSEK with The Hacker News.
The Swachhata Platform is part of the Indian government's Swachh Bharat Mission nationwide initiative to "Achieve universal sanitation coverage."
According to Cyble, the database comprises 101,718 unique email addresses and 15,835,111 unique mobile numbers, putting users at risk of phishing, smishing, social engineering, and identity theft.
The cybersecurity firm said that the breach possibly leveraged compromised credentials belonging to administrator and non-administrator accounts, likely obtained by means of a brute-force attack.
Users of the service are recommended to implement a strong password policy, rotate passwords, and enable two-factor authentication.
News URL
https://thehackernews.com/2022/09/swachh-city-platform-suffers-data.html
Related news
- Yacht retailer MarineMax discloses data breach after cyberattack (source)
- OWASP discloses data breach caused by wiki misconfiguration (source)
- AT&T faces lawsuits over data breach affecting 73 million customers (source)
- SurveyLama data breach exposes info of 4.4 million users (source)
- US cancer center data breach exposes info of 827,000 patients (source)
- Home Depot confirms third-party data breach exposed employee info (source)
- AT&T now says data breach impacted 51 million customers (source)
- CISA warns about Sisense data breach (source)
- Hacker claims Giant Tiger data breach, leaks 2.8M records online (source)
- Cisco Duo warns third-party data breach exposed SMS MFA logs (source)