Download Our DHN Survey Result 2024
Realize your Healthcare’s Digital Transformation journey with ScaleHealthTech Learn More

Massive ICMR Data Breach Exposes Personal Details of Over 81.5 Cr Indian Citizens

Written by : Jayati Dubey

November 1, 2023

Category Img

The breach was exposed when US cybersecurity firm Resecurity discovered a threat actor known as 'pwn0001' selling access to 815 million 'Indian Citizen Aadhaar and Passport' records on Breach Forums.

In a massive data breach, the personal details of more than 81.5 Cr citizens linked to the Indian Council of Medical Research (ICMR) have surfaced on the dark web, including sensitive information such as Aadhaar and passport details, names, phone numbers, and addresses.

This alarming incident has prompted the Central Bureau of Investigation (CBI) to step in for a thorough investigation following a formal complaint from the ICMR.

The breach came to light when the US-based cybersecurity and intelligence firm Resecurity identified a threat actor named 'pwn0001' offering access to 815 million 'Indian Citizen Aadhaar and Passport' records on Breach Forums.

Cybersecurity analysts verified the authenticity of the breach by examining a sample of 100,000 records containing personally identifiable information (PII) related to Indian residents. They even cross-referenced Aadhaar Card IDs through a government portal's "Verify Aadhaar" feature.

The threat actor was reportedly willing to sell the entire dataset, consisting of Aadhaar and Indian passport details, for a staggering $80,000 (over INR 66 Lakh). However, the source of the data remains undisclosed.

This incident follows a recent breach of the Ministry of AYUSH's official website in Jharkhand, where over 3.2 Lakh patient records were exposed on the dark web.

The compromised data, amounting to 7.3 MB, contained sensitive patient information, medical diagnoses, and data about healthcare providers, including their personally identifiable information, login credentials, usernames, passwords, and phone numbers. The breach was attributed to a threat actor known as "Tanaka."

According to reports, last year witnessed over 6,000 hacking attempts on the ICMR website, indicating the persistent threat posed by cybercriminals.

The ICMR data breach has raised serious concerns regarding the security of personal information in the digital age. As investigations proceed, it becomes essential for organisations and authorities to bolster cybersecurity measures to safeguard sensitive data and protect citizens from data breaches and cyber threats. Cybersecurity awareness and vigilance remain crucial components in the ongoing battle against cybercrime.

Recently, in a similar development, a significant breach in the security of Noida-based Redcliffe Labs, a prominent Indian diagnostic centre, resulted in the exposure of more than 1.2 Cr medical records, including sensitive patient information. The breach was discovered by cybersecurity researcher Jeremiah Fowler, who found an unprotected database housing extensive medical data.

This breach adds to a series of cyberattacks targeting India's healthcare system, including a malware attack on the All India Institute of Medical Sciences Delhi on June 6. Fortunately, the institute's cybersecurity systems successfully neutralised the threat.

In response to this cyber attack at AIIMS, New Delhi, the Postgraduate Institute of Medical Education and Research (PGIMER) in Chandigarh took proactive steps by initiating an audit of its Hospital Information System (HIS) last month.

This move positioned PGIMER as a pioneering medical institute of national importance in India to undertake such an audit. The primary objective of this audit is to assess potential vulnerabilities in PGIMER's systems and enhance its cybersecurity measures to safeguard against future cyber threats.

About Chime India

The College of Healthcare Information Management Executives (CHIME) is an executive organization dedicated to serving senior digital health leaders. CHIME includes more than 5,000 members in 56 countries and two US territories and partners with over 150 healthcare IT businesses and professional services firms. CHIME enables its members and business partners to collaborate, exchange ideas, develop professionally and advocate the effective use of information management to improve the health and care throughout the communities they serve. CHIME's members are chief information officers (CIOs), chief medical information officers (CMIOs), chief nursing information officers (CNIOs), chief innovation officers (CIOs), chief digital officers (CDOs), and other senior healthcare leaders. The CHIME India Chapter became the first international chapter outside North America in 2016 and is now a community of over 70+ members in India. For more information, please visit


Digital Health News ( DHN) is India’s first dedicated digital health news platform launched by Industry recognized HealthTech Leaders. DHN Is Industry’s Leading Source Of HealthTech Business, Insights, Trends And Policy News.

DHN Provides In-Depth Data Analysis And Covers Most Impactful News As They Happen Across Entire Ecosystem Including Emerging Technology Trends And Innovations, Digital Health Startups, Hospitals, Health Insurance, Govt. Agencies & Policies, Pharmaceuticals And Biotech.


© Digital Health News 2024