An unidentified individual operating under the disturbing pseudonym “dawnofdevil” claimed to have compromised the security of Income Tax Department of India.
The implications of the Indian Income Tax Department’s security breach are potentially wide-ranging, with concerns over the confidentiality and integrity of sensitive information housed within the department. However, as of now, the allegations of a data breach at the Income Tax Department by the threat actor are yet to be confirmed.
India’s Income Tax Department on the Radar
The threat actor, “dawnofdevil,” claims to have gained access to an email account hosted on the domain revenuetax.gov.in.
THE pirate claims that the compromised email can be exploited for registrations on various Indian government-affiliated websites, exclusively those using the top-level domain “gov.in”.
According to a press release published by the piracy group, unauthorized access to an email account of the domain revenuetax.gov.in, directly linked to the Income Tax Department of India, is proposed to be exploited.
THE threatening actor has set a price of US$500 for this unauthorized access and actively encourages potential buyers to make contact through private channels.
Dawnofdevil also claims to have successfully tested the compromised email on several government-affiliated websites, confirming its effectiveness in bypassing registration processes.
THE Cyber The Express team contacted the Income Tax department officials to validate this claim; however, as of yet, no response has been received from the ministry.
The compromised domain under scrutiny is revenuetax.gov.in, the designated official website of the Income Tax Department of India. Notably, at the time of writing this report, it was observed that the official site remains fully functional.
This unauthorized access not only poses a direct threat to India’s security, given the critical nature of the Income Tax Department as a government entity, but also extends its impact beyond borders national. The Asia Pacific (APAC) region is directly affected, given the compromised domain’s association with an Indian government organization.
As the cybersecurity community investigates the extent of the Indian Income Tax Department’s security breach, there is growing focus on strengthening security measures to prevent unauthorized access and to protect sensitive government information from potential misuse.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only and users take full responsibility for their reliance on it. The Cyber Express assumes no responsibility for the accuracy or consequences of the use of this information.