Comments
A French hacker who goes by the alias ‘Elliot Alderson’ (a nod to the TV series, Mr. Robot ) on Thursday flagged a security issue in Prime Minister Narendra Modi’s website.
“Hi @narendramodi, A security issue has been found in your website. Can you contact me asap to fix the issue? Regards, cc @PMOIndia @IndianCERT,” Alderson tweeted.
Alderson then added that he had established contact with the team that handles the website and had disclosed the issue to them.
“10 minutes after this tweet, a contact has been established with the @narendramodi website team and the issues has been disclosed,” he tweeted.
Though he did not disclose the exact issue with the website, Alderson had tweeted that it was related to an alleged data leak from the website.
Last week, cybersecurity firm Cyble had claimed that personal data of over 5,70,000 users had been leaked on the dark web. The firm said it had been tipped off about the leak and was able to acquire and analyse the data.
Watch | PM Modi’s personal website hacked
According to Cyble’s report, the leak contained multiple databases, some of which (‘cctransactions’ and ‘users’) contained a “substantial” amount of personally identifiable information (PII) data belonging to Modi’s followers.
This information includes Name, Email ID, contact information, etc.
The data also contained details of various donations made by users including non-public data such as bank_ref_no, payment_mode, etc.
“We estimate that out of 574,000 users listed on the database, over 292,000 of them appear to have made donations to the concerned website only,” Cyble had said in its report.
Last month, the personal Twitter account of Modi had been hacked. The micro-blogging platform had confirmed the hack following a series of tweets from PM Modi’s account asking followers to donate to the PM’s National Relief Fund using cryptocurrency.
“Cyble subsequently investigated the threat and noted that the breach was due to an account linked to the website of narendramodi.in. On September 3, Cyble notified CERT-India that the Twitter account was compromised through the website’s configuration (example access_token) linked with Twitter,” it said.
There had been no official response to the alleged data leak on the dark web.
ALSO READ:Government denies hacker’s claims of security breach in Aarogya Setu app
Comments
COMMENT NOW
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.