Cybersecurity firm CloudSEK's XVigil AI digital-risk platform reported that the Parivahan website for the integrated road accident database of the ministry of road transport and highways suffered a data breach.

According to CloudSEK, the breach exposed the source code of the Integrated Road Accident Database (iRAD) website, leading to the leak of its source code and user data on the Dark Web.

"CloudSEK has notified the MoRTH about the breach. The firm urges immediate action to secure the iRAD website and safeguard sensitive user data," the company said.

"We discovered sensitive assets embedded within the code, including hostnames, database names, and passwords. The usernames and passwords found in the source code were quite simple and susceptible to brute-force attacks when there's local access to the server," the cybersecurity company stated.

The source code references sms.gov.in, a NIC SMS Gateway used by government departments to send SMS to Indian nationals. The embedded URL in the source code includes fields for usernames and passwords, which if exploited, might give unauthorised individuals the ability to send messages to recipients, CloudSEK noted.

The same threat actor, after exposing the source code, shared a sample dataset of 10,000 user records from a vulnerable API endpoint of the iRAD website on August 7. This data breach was achieved through an SQL injection, underscoring significant vulnerabilities. The leaked dataset contains sensitive information such as user IDs, names, emails, mobile numbers, and passwords.

Upon verification, some mobile numbers and names from the sample dataset were matched via Truecaller. The dataset also included email IDs and clear text passwords of government officials, according to CloudSEK.

(Edited by : Pradeep John)