In a fresh advisory, Indian Computer Emergency Response Team (Cert-In) has asked people to follow good cybersecurity hygiene following reports of a massive data breach involving 16 billion online credentials. The breach includes usernames, passwords, authentication tokens, and metadata leaked from platforms such as Apple, Google, Facebook, and several VPN services.
The agency has urged individuals to update their passwords immediately, enable multi-factor authentication (MFA), and switch to passkeys wherever possible. The advisory also recommends running antivirus scans and keeping systems up to date to protect against malware.
The country’s nodal cybersecurity agency also advised organisations to enforce MFA, limit user access, and use intrusion detection systems (IDS) and Security Information and Event Management (SIEM) tools to detect suspicious activity. It also recommended that companies check that their databases aren’t publicly exposed and ensure that sensitive data is encrypted.
“This appears to be a consolidated dataset, and some of the credentials may be outdated or already changed. However, we’re issuing the advisory to urge people to follow good cybersecurity hygiene,” a senior official at Cert-In said.
The advisory was first released on Monday.
The massive dataset, which is believed to be available on the dark web, has been reportedly compiled from 30 different sources, mostly through infostealer malware. The dataset could enable attackers to carry out phishing, account takeovers, ransomware attacks, and business email compromises, said the Cert-In advisory.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
