ThoughtGreen Technologies

History

2024:500 GB of data from the Indian military and police were in the public domain

At the end of May 2024, it became known that during the general elections in India there was a massive leak of personal and biometric data. In the public domain were scans of fingerprints and faces of police officers, military personnel and ordinary citizens.

Information security expert Jeremiah Fowler reported that he managed to gain access to an unprotected database containing a variety of personal information via the Internet. These are confidential biometric information (up to tattoos), identification marks, as well as samples of signatures of police officers, military personnel, teachers and railway workers. In addition, birth certificates, email addresses, job applications, passports, diplomas, certificates and some other files were made publicly available.

𝓲

Unsplash

In total, it is alleged that the database contained 1,661,593 documents with a total size of almost 500 GB. These included 284,535 files relating to physical fitness tests for police and law enforcement officers. These are images of employees' signatures, some PDF documents, etc. Some files were stored in compressed.zip format. The leaked information dates back to 2021-2024.

The bulk of the publicly available data belongs to two Indian companies - ThoughtGreen Technologies and Timing Technologies. They provide application development services, RFID technologies and biometric verification. However, as of the end of May 2024, it is not clear which of these firms owns the server. Disclosed data can be used by attackers to organize personalized attacks and all kinds of fraudulent schemes aimed at stealing money.^[1]

Notes