Rewind 2024: Major cyber-attacks that shook India this year
India is experiencing a surge in cyber-attacks, including ransomware, phishing, and Distributed Denial-of-Service (DDoS) attacks, targeting businesses, banks, and public services, leading to calls for stronger data protection measures. In 2024, the country reported nearly 370 million malware attacks, with over one million ransomware detections. Key sectors affected included healthcare, hospitality, and banking, financial services and insurance (BFSI), with Telangana and Tamil Nadu identified as major hotspots, as per various reports.
In the first six months of the year, from January to June, organisations and businesses in India faced 135,173 phishing attacks related to financial matters (e-commerce, banking, and payment systems, among others), a rise of 175 per cent compared to the same period last year, according to a report by Kaspersky, a global cybersecurity and digital privacy company. The trend continued through the year, driven by increased digital adoption and the use of artificial intelligence (AI) and automation by threat actors to create convincing content and target victims more effectively.
As we draw the curtains on 2024, let’s scan through some of the major cyber-attacks that shook India this year.
In January, the System for Pension Administration Raksha (SPARSH) portal, India’s central web-based system for automating pension processes for defense personnel, developed and managed by Tata Consultancy Services (TCS), suffered a massive data leak. The leak exposed the sensitive information of thousands of defense personnel, raising serious concerns about the privacy and security of those who have served in the nation’s defense forces. Notably, credentials granting access to this sensitive information have surfaced on Telegram, creating the potential for misuse and manipulation of crucial pension-related processes.
A hacker operating under the alias ‘dawnofdevil’ claimed responsibility for a massive data breach in January targeting Hathway, one of India’s largest Internet Service Providers (ISPs) and cable television operators. According to the hacker’s message posted on a breach forum, the Hathway data leak exposed sensitive information belonging to over 41.5 million customers. The hacker claimed that more than 200 GB of data, comprising 789 CSV files, had been dumped.
In February, broking firm Motilal Oswal Financial Services (MOFSL) fell victim to a cyber-attack by the LockBit ransomware group, which claimed to have gained access to the firm’s confidential data. LockBit claimed responsibility for the attack on the dark web, potentially putting at risk the information of over six million MOFSL clients.
Burger Singh, an Indian fast-food chain, experienced a cyber-attack on February 27, conducted by a Pakistani hacking group named Team Insane PK, as per the company's recent revelation. The hackers not only infiltrated but also redesigned the company's website. The company expressed confidence in handling the situation and assured its customers that this digital disruption is a temporary setback.
In March, Polycab, a manufacturer of wires and cables, said its IT infrastructure was hit by a ransomware attack. However, Polycab maintained that the incident had not impacted the company’s core systems and operations, that its systems were up and running, and that all factories were operating.
Indian consumer wearable brand boAt suffered a massive data breach in April, in which the personal information of more than 7.5 million customers was compromised. The threat actor put out around 2 gigabytes of personally identifiable information (PII) of boAt users on dark web forums.
In June, Bharat Sanchar Nigam Limited (BSNL) faced a significant breach that exposed the sensitive information of millions, including international mobile subscriber identity (IMSI) numbers, SIM card specifics, home location register data, and crucial security keys. Over 278 gigabytes of data was compromised, prompting an inter-ministerial security audit.
In July, a data breach in early 2024 resulted in the theft of over $230 million from WazirX, an Indian cryptocurrency platform, following vulnerabilities in its multisig wallet managed by Liminal. WazirX is reportedly dealing with a hacked wallet, panicked customers, substantially reduced holdings, and frozen assets. Customers are waiting for compensation as well as clarity from the crypto exchange that claimed to be India’s largest by volume.
In October, Chennai-headquartered Star Health Insurance admitted to a massive data breach that exposed 7.24 petabytes of sensitive information, including the personal information of about 31 million customers: insurance claims, government ID cards, and detailed medical reports, among others. The information was exposed through Telegram bots. Shortly after, Star Health filed a legal complaint with the Madras High Court against Telegram for hosting the chatbots and against Cloudflare for its role in hosting the hacker group’s websites on its service.
Some more data breaches in 2024
Telangana Police Hawk Eye App Data Breach: A hacker exposed the sensitive data of 200,000 Telangana citizens through the police's Hawk Eye app, leading to an arrest thanks to alert reports.
Tamil Nadu Facial Recognition Portal Data Breach: The Tamil Nadu police’s Facial Recognition Software portal was breached using employee credentials, but no direct compromise occurred as the interface remained secure.
NDMA Data Breach: A breach at the National Disaster Management Authority exposed the personal data of 93,000 volunteers, offered for sale on the dark web.
Hyundai Motor India Data Leak: Hyundai resolved a data breach caused by flawed web links, exposing customer information following service completion.
UP Marriage Assistance Scheme Fraud: Cyber fraud exceeding ₹1 crore occurred when hackers exploited the Uttar Pradesh Marriage Assistance Scheme website, leading to unauthorised payments.
Targeted cyber-attacks on Indian Governments: The hacker group Transparent Tribe targeted India's defenses, using phishing emails to breach critical sectors within government and defense industries.
Hackers Targeting the Indian Energy Sector: A cyber-espionage campaign targeting government agencies and the energy sector resulted in the exfiltration of significant data.
Uttarakhand Government Website Hacked: A cyber-attack rendered over 90 government websites in Uttarakhand non-operational, disrupting services significantly.
HDFC Life Insurance Breach: HDFC Life reported a cyber-attack resulting in the theft of sensitive customer data, prompting immediate action and police involvement.
In summary, cybercrime is posing a severe financial threat to individuals and businesses alike. According to IBM's annual Cost of a Data Breach Report, the average cost of a data breach in India reached an all-time high of ₹195 million in 2024, a 39% increase since 2020, and 9% from the prior year, as breaches grow more disruptive and further expand demands on cyber-teams. Cybersecurity Ventures predicts a 15% annual growth in cybercrime over the next five years, potentially reaching $10.5 trillion by 2025, up from $3 trillion in 2015.