A ‘notorious threat actor’ has claimed to have hyper-sensitive and classified data of various Indian forces, including the Indian Army, Indian Air Force, and Border Security Force, and put it on sale in cyberspace. Threat actors can be a group or an individual involved in illegal cyber activities who pose a risk to an institution or a nation.

A top official dealing with such leaks told News18 that the group or individual has put 70 documents as ‘samples’ which have been analysed by different agencies working to control, analyse and take action against such leaks.

The threat actor has claimed to have data close to 40 GB containing 21,000 documents in more than 60 folders. As a sample, the group or the individual has uploaded close to 11 MB data to look for a buyer. The notorious threat group has prepared 16 sets of secret and classified data of different forces and put it on sale on a forum.

This was first noticed by a central agency which is also not denying the role of an insider and steps to prevent such leaks have been initiated.

An intimation has been given to all the relevant forces regarding the leak. An alert has also been issued regarding the threat actor (name withheld) who has been targeting Indian security and armed forces.

“This threat actor is notorious for releasing Indian defence data on various platforms,” a top-level government official said while quoting an official communication.

News18 has sent a query to BSF, Indian Air Force and Indian Army last week regarding the leak and the threat actor and their response is awaited.

The sources claimed that the notorious threat actor has been targeting the cyber system of Indian forces which contains confidential and sensitive data. Earlier, the same actor was noticed leaking data on cyberspace for sale in lieu of thousands of dollars.

All the forces have centralised as well as internal cyber security systems to protect cyber infrastructure from unauthorised access and required action has been initiated to deal with such leaks, another government official claimed.

What do the documents contain?

It has been learnt that the documents shared by the notorious threat actor contain confidential and sensitive information which is restricted to the defence grid of the country. The sources said the leaks have confidential annual reports, including the reports of explosives, notes prepared by forces, technical annual reports, layouts, and information related to communication, deployment etc apart from other sensitive and confidential architectures of Indian forces.

“The actor created an account on a forum in June to sell different data and was active on other forums,” the official said.