Data breach exposes 2.9 lakh Bangalore Water Supply and Sewerage Board's customers' details: Report
Bengaluru: A major data breach has exposed the personal information of more than 2.9 lakh users of the Bangalore Water Supply and Sewerage Board (BWSSB), according to a recent probe conducted by the Bengaluru-based cybersecurity firm CloudSEK.
The breach involved unauthorised access to BWSSB's water connection application portal, exposing sensitive user data including Aadhaar numbers, PAN details, mobile numbers, full addresses, email IDs, and payment records, the probe report revealed, as cited by Deccan Herald on Tuesday.
The compromised database was reportedly listed for sale on BreachForum, an underground data leaks web forum, by a threat actor with the username pirates_gold.
"The initial post by the threat actor specified a payable amount of $500 (approximately Rs 42,616) for access to the compromised BWSSB database. However, upon direct engagement, the actor demonstrated high level of urgency and appeared willing to negotiate significantly lower prices, indicating a potential desperation to sell," CloudSEK noted in its findings, which were shared with both the BWSSB chairman and the Officer on Special Duty to Chief Minister Siddaramaiah.
"The post claimed that the database access would expose records of 2,91,212 users. It was explicitly stated that the compromised data did not include the user's passwords. Additionally, the post featured a few lines of sample data,” said the report, as cited by DH.
The leaked dataset reportedly contained multiple categories of information, including payment data, grievance data, application data, and system logs. The application data alone is said to contain over 2.91 lakh records, featuring full names, complete addresses, contact details, Aadhaar, and PAN numbers—details which could potentially be exploited for identity theft or financial fraud.
Despite the serious nature of the breach, sources in the BWSSB assured that the data was safe. "The entire billing data is stored in the Data Centre maintained by the Karnataka government. The 24x7 monitoring is at a high-security level and a breach of billing data was next to impossible,” DH quoted BWSSB sources as saying.
Meanwhile, BWSSB Chairman Ram Prasath Manohar acknowledged the report and stated that adequate measures would follow, noting that a case would be filed with the cybercrime police. “If a breach has indeed occurred, we will identify the root cause and involve technical experts to bolster our data security systems,” DH quoted Manohar as saying.
As part of its findings, CloudSEK recommended immediate corrective measures, including conducting a comprehensive security audit, revoking any exposed or potentially compromised credentials, and removing public access to administrative interfaces to prevent future breaches.
Let the Truth be known. If you read VB and like VB, please be a VB Supporter and Help us deliver the Truth to one and all.
Man killed in flat ceiling plaster crash, wife and son hurt
Thane (PTI): A 45-year-old man was killed, and his wife and son were injured when a portion of plaster from the ceiling collapsed in their flat in a seven-storey building in Thane on Saturday, officials said.
Chief of the Regional Disaster Management Cell, Yasin Tadvi, said the 16-year-old building is not listed in the "dangerous" category.
"The incident occurred in Karumdev Society at about 3 am. The plaster of the hall in a flat on the terrace floor suddenly fell while the occupants were asleep", he said.
Of the four people who were inside the room, two suffered minor injuries and were discharged after primary treatment, Tadvi stated.
The injured persons were identified as Arpita More (42), who suffered minor head injuries, and her son Arush More (16), who sustained injuries to both legs.
Manoj More (45), who sustained chest injuries, died during treatment at a private hospital.
