Swachh City Platform Suffers Data Breach Leaking 16 Million User Records

Cyber Security

A threat actor by the name of LeakBase has shared a database containing personal information allegedly affecting 16 million users of Swachh City, an Indian complaint redressal platform.

Leaked details include usernames, email addresses, password hashes, mobile numbers, one-time passwords, last logged-in times, and IP addresses, among others, according to a report shared by security firm CloudSEK with The Hacker News.

CyberSecurity

The website is currently inaccessible.

Swachh City Platform

The Swachhata Platform is part of the Indian government’s Swachh Bharat Mission (translated as Clean India Mission) nationwide initiative to “achieve universal sanitation coverage.”

Swachh City Platform

According to Cyble, the database comprises 101,718 unique email addresses and 15,835,111 unique mobile numbers, putting users at risk of phishing, smishing, social engineering, and identity theft.

CyberSecurity

The cybersecurity firm said that the breach possibly leveraged compromised credentials belonging to administrator and non-administrator accounts, likely obtained by means of a brute-force attack.

An analysis of the dataset also showed that the latest login was observed on May 20, 2022, indicating that the threat actor performed the exfiltration activity on that date.

Users of the service are recommended to implement a strong password policy, rotate passwords, and enable two-factor authentication.

Articles You May Like

Binance, other crypto firms line up bids for bankrupt Voyager Digital after FTX collapse
Elon Musk Polls Users on ‘General Amnesty’ for Suspended Twitter Accounts
Crypto Firm Genesis Warns of Bankruptcy
NASA’s Orion Spacecraft Enters Lunar Orbit a Week After Artemis I Launch
34 Russian Hacker Groups Stole Over 50 Million Passwords with Stealer Malware