A threat actor by the name of LeakBase has shared a database containing personal information allegedly affecting 16 million users of Swachh City, an Indian complaint redressal platform.
Leaked details include usernames, email addresses, password hashes, mobile numbers, one-time passwords, last logged-in times, and IP addresses, among others, according to a report shared by security firm CloudSEK with The Hacker News.
The website is currently inaccessible.
The Swachhata Platform is part of the Indian government's Swachh Bharat Mission (translated as Clean India Mission) nationwide initiative to "achieve universal sanitation coverage."
According to Cyble, the database comprises 101,718 unique email addresses and 15,835,111 unique mobile numbers, putting users at risk of phishing, smishing, social engineering, and identity theft.
Unlock the secrets to bulletproof incident response – Master the 6-Phase process with Asaf Perlman, Cynet's IR Leader!Don't Miss Out – Save Your Seat!
The cybersecurity firm said that the breach possibly leveraged compromised credentials belonging to administrator and non-administrator accounts, likely obtained by means of a brute-force attack.
An analysis of the dataset also showed that the latest login was observed on May 20, 2022, indicating that the threat actor performed the exfiltration activity on that date.
Users of the service are recommended to implement a strong password policy, rotate passwords, and enable two-factor authentication.