ICMR data leak: Delhi police arrest four for selling info on dark web for 'quick money'
The probe agencies detected the breach in October after they came across the data, including Aadhaar and passport records, on dark web
The Delhi Police have arrested four persons in connection with the Indian Council of Medical Research (ICMR) data leak case. They have been arrested for selling personal details of more than 81 crore Indians on the dark web.
The move came around a couple of months after Central probe agencies found that the personal details of over 81 crore Indians were leaked from the data bank of ICMR and put on sale on the dark web. The police have arrested these four suspects from three states.
Incidentally, the suspects, during police questioning, also claimed to have stolen data of the Federal Bureau of Investigation (FBI) and Computerised National Identity Card (CNIC) — Pakistan’s Aadhaar counterpart. A senior official in a Central probe agency said the Delhi police took suo motu cognisance of the data leak earlier this month and registered an FIR.
“A BTech degree holder from Odisha, two school dropouts from Haryana and one from Jhansi were arrested last week. They were produced before a Delhi court which remanded them in seven-day police custody,” the officer said. According to him, those arrested told investigators that they met on a gaming platform around three years ago and became friends, following which they decided to earn quick money.
The probe agencies detected the breach in October after their officers came across the data — including Aadhaar and passport records — on the dark web. Given the sensitivity of the matter, a probe was initiated immediately leading to last week’s arrest of the four men. Now, officials of all central agencies are also questioning them and trying to find out how they stole the data.
Quoting an unidentified officer of a central agency, The Indian Express reported that the case was initially reported to the Indian Computer Emergency Response Team, or CERT-In, which verified with the departments concerned about the authenticity of the data and asked them to match it with the actual data.
CERT-In is a nodal agency under the Union Ministry of Electronics and Information tasked with responding to cyber security incidents.
The departments found that data of around 1 lakh people was put up as a sample, from which they picked data of 50 people for verification and found them matching. The authorities then launched an investigation.
ICMR has been facing multiple cyber-attack attempts since February and Central agencies as well as the council were aware of it. Over 6,000 attempts were made last year to hack ICMR servers.
