Data of 22 million people at risk

Cyber chief, Lt. General Rajesh Pant, warns PM COVID-19 fund at risk of hackers.
14 May 2020
WhatsApp’s data privacy concerns on rise!
19 May 2020

Everything that happens in the present has some form of impact on the future. When the world got captivated by the internet and the services provided by it, there was a simultaneous development of the Dark Web. The dark web has been known for the purchase and sale of scores of data sets of common people.

Troy Hunt is the founder of the blog, “Have I been pwned” that lets you know whether your e-mail address has been hacked or not. He was recently notified of a data breach that included his personal information. In spite of his own experiences with data phishing and dark web, Mr. Hunt was not able to clearly identify the source which resulted in breach of about 22 million people. According to Mr. Hunt, it is possible that the data breach was aggregated by a sophisticated Customer Relationship Management System. Of course, it is just a hypothesis for now, till further information is revealed. He further elaborated that there is no indication of the origin of the said data breach. The code contained about one -hundred thousand rows which begins with db8151dd, which has now become the epithet of the data breach.

The 90GB worth of stolen data includes full names, email addresses, phone numbers, job titles, and social media profiles. The reason why it is hard to configure the data breach is because of its unknown source. In a revelation, Mr. Hunt had elaborated that the data breach was quite systematic in a manner that the program understood “association.” The mere fact that data of certain people with whom Mr. Hunt had associated were nearby on the list of people whose data had been hacked is alarming.

There is an assumption that most of the data could have been taken away from sites like Facebook and LinkedIn. In the recent past, data of 267 million Facebook users was sold on the Dark Web for $542 which included basic profile details and phone numbers. Troy Hunt’s blog uses a program which lets you know whether your email address had witnessed a data breach or not. It also explicitly mentions which companies or apps that had your data were hacked and the year in which they were hacked. This let’s the user know that his/her data was breached or not. The blog also mentions the largest data breaches witnessed and in which company along with the most recent noteworthy breaches.

For now, Mr. Hunt has uploaded the data breach information on his blog. We await for further clarifications from his side about the unknown source that hacked the system.

-Ridha Dhawan
Member, Reporters Committee

Leave a Reply

Your email address will not be published. Required fields are marked *