Hacked data from Tamil Nadu Police’s FRS is being sold on the dark web

Hacked data from Tamil Nadu Police’s FRS is being sold on the dark web
Hacked data from Tamil Nadu Police’s FRS is being sold on the dark web

The Tamil Nadu police’s FRS webpage was hacked, exposing over 60 lakh records. Data was cross-checked against the CCTNS database.

Hackers gained access to the Tamil Nadu police’s Facial Recognition Software (FRS) portal on Friday night by using a team password and ID, resulting in a significant data leak.

Launched in October 2021, the platform features more than 60 lakh individual records, images, names, FIR numbers, and other information on police personnel. More than 46,000 individuals in the department utilize it. The government will locate and pursue suspects, missing individuals, and others using facial acknowledgement.

Falconfeeds.io brought attention to the breach on the social networking platform X, stating that data samples from the police FRS portal were being sold on the black web.

Officials from the State Crime Records Bureau (SCRB) and the Center for Development of Advanced Computing (CDAC) are attempting to determine the scope of the FRS portal security breach. An officer informed TśI that “an internal investigation is being ordered.”

The hacker, Valerie, shared a sample face recognition report query from the Basin Bridge police station that displayed the top 20 matches and was submitted by a police officer.

“The login and password of a sub-inspector were utilized by the hacker. He could only confirm his involvement in any criminal proceedings by sending a photo, and his access to the internet was restricted.” “No data was stored in the FRS portal,” stated another officer. To determine whether the suspect was connected to any of the crime cases, the entered data was carefully examined against the Crime and Criminal Tracking Network and Systems (CCTNS) backend database.”

Data privacy campaigners have criticized the FRS portal, which CDAC-Kolkata built and developed, pointing out that there is a possibility of exploitation.

“The FRS application is used for capturing the images of wanted people, missing people, and unidentified corpses from the CCTNS database,” according to an official statement from Tamil Nadu DGP Shankar Jiwal’s office. Currently, 46,112 people in the state are using the FRS. TNEGA completed the most recent security audit on March 13. After some investigation, it was discovered that the admin account password had been hacked. The statement further stated that the admin account can only examine front-end details and has restricted rights, including the ability to create user IDs and query searches.

The breach has been reported by the police to TNEGA, CDAC-Kolkata, and the Electronics Corporation of Tamil Nadu in order to initiate appropriate action.

“The admin account has been disabled as a precaution. The Tamil Nadu police claim that the unauthorized user was only able to examine the front-end data and was therefore unable to access the backend or primary server data. Additionally, a complaint has been made to the cybercrime wing.

Also readPublic transit apps prioritize cybersecurity measures to protect their digital systems and safeguard passenger data, says Narayan Mishra Co-founder & CTO at Tummoc – a public transit app

Do FollowCIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter 

About us:

CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK.

CIO News is a proprietary of Mercadeo Multiventures Pvt Ltd.