In 2018, however, the EPFO denied its systems were compromised after reports about the alleged data breach first surfaced.
In 2018, however, the EPFO denied its systems were compromised after reports about the alleged data breach first surfaced.Information leaked in an alleged Employees' Provident Fund Organisation (EPFO) data breach in 2018 that impacted millions of Indians was found to have been 'repackaged' by a Chinese cyber agency, The Indian Express reported quoting a preliminary probe by India's cybersecurity agency.
In 2018, however, the EPFO denied its systems were compromised after reports about the alleged data breach first surfaced. The EPFO said the vulnerability was exploited from the systems of Common Services Centres (CSCs).
Indian government's response, action
A treasure trove of information was leaked on Github reportedly as part of documents related to Chinese cyber agencies, a senior government official told the news outlet. The official further said that this indicates that these agencies were either responsible for the initial breach or had acquired the compromised data after that.
After this, Ministry of Electronics and Information Technology's (MeiTY) Indian Computer Emergency Response Team (CERT-In) sprung into action. CERT-In started a probe into whether the data in these documents was new or collated from the breaches in the past.
As per the leaked information on Github, the leaked data claims that it information from across government and private Indian institutions. It claims to have data not related to EPFO but also that of BSNL users and information with companies including Tata Group-owned Air India and Reliance Industries.
"CERT-In had carried out a preliminary probe into the claims and it appears that the EPFO data present in the documents is from 2018 when its systems were impacted," an official said. At the time of the data breach in 2018, a senior EPFO official noted the suspected data leak did not happen on the server or software run by the EPFO but on the CSC software.
A CSC official, however, denied the claims and claimed the concerned application was on the EPFO server and the CSCs did not have anything to do with the incident whatsoever. Despite the blame game between the EPFO and the CSC in 2018, the CERT-In's findings confirm that the EPFO system was compromised in 2018.
Rising cyberattacks against India
The revelations come amid a spate of rising cyberattacks against India, including cyberattacks on organisations like the Indian Council of Medical Research (ICMR), Taj Hotels, state-run All India Institute of Medical Sciences (AIIMS) and BSNL. State-sponsored cyberattacks against India saw a massive 278 per cent increase between 2021 and September 2023, according to a report from November 2023.
Q1 results: RIL, Wipro, Axis Bank, HCL Tech, others to post earnings next week; check date
AAIB Air India crash report raises more questions: Aviation experts
'Don’t draw conclusions from pilots’ brief chat': Civil Aviation Minister on Air India crash report
'Why did you cut off the fuel switches?': Air India report says both engines of AI-171 cut in 1 second
Built to resist errors, then how did Air India 171’s fuel switches flip midair? Here's what we know
AI171 Crash: AAIB Finds Fuel Switches Turned Off Seconds After Takeoff
Ajay Srivastava: Jane Street Case Shows Urgent Need for Timely Regulatory Action
Bihar Election 2025: Election Commission Has Kicked Off A Review Of Electoral Rolls - Special
Helios Flexi Cap Fund Delivers 27% CAGR: Why Dinshaw Irani Is Still Bullish On BFSI & NBFCs ?
Mahindra XEV 9E Tech Check: Car, Lounge, AI Computer All-In-One
Q1 results: RIL, Wipro, Axis Bank, HCL Tech, others to post earnings next week; check date
Dividend, bonus shares: TCS, Bharti Airtel, others to turn ex-dates next week
SEBI cracks down on Jane Street in landmark derivatives market case 
Sensex plunges 690 pts, Nifty below 25,150; IT stocks hit hard
F&O frenzy is a shortcut to bankruptcy: Devina Mehra warns retail investors