Overview

On October 9, 2023, the Indian Council of Medical Research (ICMR) faced a massive data breach, with personal details of 815 million residents exposed. This breach, one of the largest in medical research history, involved data from the ICMR’s Covid-testing database offered for sale on the dark web, including sensitive information such as names, ages, addresses, and government ID numbers.

Impact and Response

The breach has raised serious questions about the security measures at ICMR, prompting an immediate response from cybersecurity firms and government agencies to mitigate the impact. The event underscores the vulnerability of medical data and the devastating potential of cybersecurity lapses in healthcare and research sectors.

Lessons Learned

This incident highlights the need for robust security frameworks in medical research institutions. It serves as a critical reminder of the risks associated with handling large volumes of sensitive data and the importance of implementing stringent data protection policies and practices.

Source: IT Governance UK Blog