Indian Government Emails Discovered Roaming on the Dark WebByBill Toulas-February 1 2020 1668 While emails may have been exchanged by crooks for quite some time, this has just been discovered out. It is time for vital government entities to use physical security keys 2Fa and even better 2Sv. Researcher Sai Krishna Kothapalli has discovered on the dark web 3202 email Ids belonging to people working on the Indian government and various state organisations. For the past four years, the infosec specialist has been gathering dump data on the dark web, building a humongous 1,8 billion email IDs and password database. According to him, about 85 per cent of the passwords he keeps are in plain text form, while others have been dehashed over the years by hackers. Kothapalli recently found some ending with “.gov.in” after analysing this data trove. The 365 email Ids belong to the ‘ Atomic Research Center Indira Gandhi ‘ employees. The ‘ Bhabha Atomic Research Center ‘ with 325 email Ids is just behind. The “Securities and Exchange Board of India” with 157 emails is in third place. In sum, as shown in the graph below, the 3202 emails belonged to 12 entities 1669 The researcher is still analyzing the data and is in the process of contacting government agencies to warn them of his findings. He points out that when he began investigating this, someone who posed as a reporter for Ndtv confronted him. After further investigation he found that in the previous months the email accounts used to reach him had been hacked and that this was linked to North Korean hackers by reports from back in time. The North Korean hackers sent hacking emails to the former chairman of India’s Atomic Energy Commission(Aeci), the secretary to India’s government and the director of the Bhabha Atomic Research Center(Barc). Pic.twitter.com / Ucv01aCq2X IssueMakersLab (@issuemakerslab) November 2 2019 This could all be the work of state-sponsored North Korean security key players.