SUMMARY
Inc42 has learnt from cybersecurity researcher Rajshekhar Rajaharia that the data, sized 50 GB, was being sold on a dark web marketplace by an anonymous user for as low as INR 370.
The nature of the data that has been leaked is sensitive, as it includes the names, phone numbers, email addresses, exact location of users (latitude and longitude), their industry of work and links to their LinkedIn profiles
The leaked data also includes users’ encrypted passwords. Although, Rajaharia told that the passwords can be easily decrypted
The data of 1.4 Mn registered users on jobs listing website iimjobs.com was allegedly leaked on the dark web on Monday (November 23).
Inc42 has learnt from cybersecurity researcher Rajshekhar Rajaharia that the data, sized 50 GB, was being sold on a dark web marketplace by an anonymous user for as low as INR 370.
Screenshots of the breached database accessed by Inc42 indicate that the leaked data is sensitive, as it includes the names, phone numbers, email addresses, exact location of users (latitude and longitude), their industry of work and links to their LinkedIn profiles.
The leaked data also includes users’ encrypted passwords. However, Rajaharia said that the passwords had been encrypted using the MD5 message-digest algorithm, which is an outdated method of data encryption and can be easily decrypted by hackers today.
“Cybersecurity has moved beyond MD5, which was used only 10-15 years back. Most websites today prefer to use more sophisticated algorithms for data security and encryption,” said Rajaharia.
IIMjobs is an online recruitment platform for middle and senior management positions in India. It claims to have more than 1 Mn registered users and says that it works with 30,000 recruiters from sectors such as banking and finance, consulting, sales and marketing, human resources, information technology and operations, BPO and legal to help them recruit talent.
IIMjobs was founded by Tarun Matta in 2008. Last year, Info Edge India, a publicly listed online classifieds company which operates popular portals such as Naukri.com, jeevansaathi.com and 99acres.com, acquired Highorbit Careers, the parent entity of iimjobs.com and hirist.com, the latter being a classified website for jobs in the IT industry. The deal was worth INR 81 Cr.
Inc42 has learnt from Rajaharia that the leaked data is from last year, as the most recent ‘date of registration’ for a user whose data has been leaked in the MySQL database is someday in January 2019, four months before iimjobs was acquired.
It is apparent that the company has since updated its security procedures, also suggesting that it’s aware of the data leak that has happened. Notably, all registered users on iimjobs, upon keying in their login details on the portal, are required to reset their passwords through a reset link sent to their registered email ids.
When asked about the data breach, Info Edge said that it is investigating the platform and keeping a close tab on reports, adding that it would take some time to deep dive into the alleged problem.
Cyber Attacks On Indian Platforms
Recent months have seen several Indian companies, such as Google-backed hyperlocal delivery platform Dunzo, online grocery delivery service BigBasket, popular India food manufacturing company and restaurant chain owner Haldirams, Indian edtech platform Edureka, online travel marketplace RailYatri and even the personal website of Prime Minister Narendra Modi suffer cyber attacks, with the data on these websites being subsequently leaked on the dark web, where it was available for purchase.
In May this year, users’ data from another Info Edge-owned jobs portal Naukri.com had been leaked on the dark web.
Vineet Kumar, the founder of Cyber Peace Foundation (CPF), a think tank of cybersecurity and policy experts, said that with increased digitisation of companies and their processes, data has become the new oil.
Hence, anti-social elements are drawn to hacking and other sophisticated practices to launch modern-age attacks on people and countries as such.
“You get good money when you sell users data on the dark web. Hackers discovering vulnerabilities and using SQL injections to pull entire databases remains a common practice for hacking,” Kumar told Inc42.
Kumar added that as Indian startups scramble to lure investors and raise growth capital in an intensely competitive market, ensuring the security of users’ data is the last of their concerns.
“You’ll see a lot of these Indian startup platforms get hacked in the near future. Hackers know that lapses will happen here since cyber hygiene isn’t being maintained by these companies,” he said.
Government data shows that in 2019 alone, India witnessed 3.94 lakh instances of cybersecurity breaches. In terms of hacking of state and central government websites, Indian Computer Emergency Response Team (CERT-In) data shows that a total of 336 websites belonging to central ministries, departments and state governments were hacked between 2017 and 2019.
According to Nasscom’s Data Security Council of India (DSCI) report 2019, India witnessed the second-highest number of cyber attacks in the world between 2016 and 2018. This comes at a time when digitisation of the Indian economy is predicted to result in a $435 Bn opportunity by 2025.
