Early this September, the National Informatics Centre (NIC) told the Delhi Police that computers containing data relating to national security and VVIPs such as Prime Minister Narendra Modi were compromised and that the attack is believed to have originated from a Bengaluru firm.
Delhi police sources said the computers broken into also stored data relating to National Security Advisor Ajit Doval, Indian citizens and senior government functionaries.
The Delhi Police’s Special Cell has filed a case after the attack.
The NIC sets up and maintains information and communication technology and security for the government.
The massive data breach came amid reports that a Shenzen-based technology company in China with links to the Chinese government and the Chinese Communist Party monitored over 10,000 Indians and organizations in its global database of “foreign targets.”
The reports led to the Foreign Ministry on Wednesday (September 16) summoning Chinese ambassador Sun Weidong and protesting over alleged surveillance through social media scraping on prominent Indians by Chinese company Zhenhua Data Information Technology.
Delhi police sources said the attack began with the receipt of an e-mail to NIC employees. When a link provided in that e-mail was clicked, data stored on that machine became compromised and computer systems were affected.
Sources also said the original e-mail came from a United States company based in Bengaluru (the e-mail’s IP address originated there). Further investigations are ongoing, the sources said.
The government has formed an expert panel under the National Cyber Security Coordinator to study the allegations of Chinese attempt at data breach. The committee is to submit a report within a month.
In the case involving Chinese firm’s snooping attempt, Foreign Minister S Jaishankar wrote to Congress leader KC Venugopal, who had raised the issue in the Lok Sabha. Jaishankar said the claims referred to the Overseas Key Information Database (OKID), which covers around 2.4 million individuals worldwide.
Zhenhua itself has said OKID data was collected from open sources and is no different from similar databases maintained by Western companies. They have denied accessing private information from confidential sources, Jaishankar said in his letter.