5K Exim India Login Credentials Leak on a Dark Web Forum

Published 04 May 2021


  • XVigil discovered a post on a surface web database marketplace advertising 5000 login details of Exim India users
  • The leaked data includes email addresses, passwords, etc.


Category: Adversary Intelligence
Affected Industries: Media
Affected Data Fields: Address, Login Name, Password, Email Address, Last login

Executive Summary

CloudSEK’s flagship digital risk monitoring platform XVigil discovered a post on a surface web database marketplace advertising 5000 login details of Exim India users, including email addresses and passwords. Headquartered in Mumbai, Exim India is a reputed daily newspaper publishing house that has been in business for the last 40 years.

The post was published on 27 April 2021, exposing the credentials of users, following a data breach incident on the same day. The threat actor also included sample records and their Telegram contact details for potential buyers.

[Image: Exim India post]

The Contents of the Leak 

The leaked database contains Exim India users’ login credentials and personal information in the following schema:

  • Address
  • Login Name 
  • Password 
  • Email ID 
  • Last Login

Data Verification and Validation 

Using public sources, we were able to verify various fields in the leaked data.

[Image: Exim India samples]

Current Impact

  • Threat actors can leverage users’ login details to impersonate them and to launch new attacks or campaigns.
  • The leaked data can be used to orchestrate other forms of targeted attacks.

General Recommendations

  • Use strong passwords
  • Enable multi-factor authentication for all online accounts
  • Don’t share OTPs with third parties
  • Review online accounts and financial statements periodically
  • Regularly update apps and other software
