Home
Threat Intelligence Posts
Breach

Police Exam Database Exposes 500K Indian Citizens’ PII

CloudSEK researchers discovered a post on a database sharing platform advertising the name, number, PII of BPSSC Police exam candidates.
Updated on
April 19, 2023
Published on
January 29, 2021
Read MINUTES
5
Subscribe to the latest industry news, threats and resources.
CloudSEK has discovered a post on a well-known database sharing forum advertising the PII of 500,000 Indian citizens. While the threat actor does not mention the name of an organization, the data provided in the sample is clearly associated with a police exam conducted on 22 Dec 2019. 

Police details

 

Discovery of the leak

CloudSEK’s proprietary risk monitoring tool XVigil discovered a post on a popular surface web forum on 29 January 2021. The actor claims to have 500,000 records and has shared a sample of the leak that contains the data of 10,000 users. For more records, the threat actor has to be reached via email or Telegram. 

Police data post

 

Contents of the leak

The sample CSV file, shared over a file hosting link, contains 10,452 records. Each record includes the following fields:
  • transactionid
  • first_name
  • middle_name
  • last_name
  • name
  • father_name
  • mother_name
  • husband_name
  • mobileNumber
  • email address
  • sex
  • dob
  • marrital_status
  • nationality
  • identity_type
  • identification_mark
  • community
  • jk_domiciled
  • hno
  • street
  • village postoffice
  • district state
  • pincode
  • correspondance_address
  • hno1
  • street1 village1
  • postoffice1
  • district1
  • state1
  • pincode1
  • ffw
  • exman govt_emp_service
  • debarment
  • fir_case
  • fir_case_pending
  • arrested
  • criminal_case_acquitted
  • good_behavior_bond
  • preference1
  • preference2
  • preference3
  • is_duplicate
  • wedistrict
  • weexamcode
  • wedistrictcode
  • wecentrecode
  • werollno
  • wedate wecentre
  • attendence
  • attendence1
  • attendence_scaning
  • attendence_scaning_remarks
  • omr_remark
 

Data verification and validation 

On analysing the sample, CloudSEK researchers identified that the common denominators of a significant amount of the sample data are Bihar (“wedistrict”) and 22 December 2019 (“wedate”). This points to the candidates of the preliminary examination conducted by Bihar Police Subordinate Services Commission (BPSSC) for the post of Sub Inspector/ Sergeant/ Assistant Superintendent Jail / Assistant Superintendent Jail, on 22 December 2019.  Police Prelims The mobile numbers provided in the sample have been validated against the candidate’s name.  

Police database

 

Impact 

The entire leaked database consists of ~500K records. Since the database includes sensitive data, i.e. name, mobile number, and PII, it makes the victims vulnerable to phishing campaigns, scams, and even identity theft. 
CloudSEK Platform is a no-code platform that powers our products with predictive threat analytic capabilities.
Recent Posts

Recent Articles

Critical CSRF Vulnerability in IBM CICS TX - CVE-2023-42027 Demands Immediate Action
November 15, 2023
CVE-2023-43792 baserCMS is a website development framework vulnerable to Code Injection attacks
November 6, 2023

Get Global Threat Intelligence on Real Time

Protect your business from cyber threats with real-time global threat intelligence data.. 30-day free and No Commitment Trial.
Schedule a Demo
Real time Threat Intelligence Data
More information and context about Underground Chatter
On-Demand Research Services
Dashboard mockup
Global Threat Intelligence Feed

Protect and proceed with Actionable Intelligence

The Global Cyber Threat Intelligence Feed is an innovative platform that gathers information from various sources to help businesses and organizations stay ahead of potential cyber-attacks. This feed provides real-time updates on cyber threats, including malware, phishing scams, and other forms of cybercrime.
Trusted by 400+ Top organisations
Get started
Learn more