In: Data of 34 million Keralites leaked in massive data breach; govt had ignored vulnerability reports

And this, kids, is what happens when an entity keeps ignoring vulnerability reports from researchers or infosec folks. In this case, an IT consultant, “N.T.R.,” hacked civilsupplieskerala.gov:

“I wrote to the NIC several times pointing to the vulnerabilities and even called the civil supplies office warning them about a possible breach, but they ignored me. I had no option but to make the information public in a Facebook post,” N.T.R., a native of Thiruvananthapuram, said from Tokyo.

Mazhar Faroqui reports that the

breach occurred last fortnight when an Indian man living in Tokyo hacked the Kerala government’s civil supplies department website and uploaded the sensitive information of all of Kerala’s 8,022,360 Public Distribution System (PDS) beneficiaries and their family members on Facebook.

The data reveals names, addresses, birth dates, gender, monthly incomes, electoral card details, consumer numbers of power and cooking gas connections.

Read more on XPRESS.

About the author: Dissent