In what has emerged as a significant concern for businesses, governments and individuals, in 2024, 45 highly active threat actors were involved in posting or selling databases and unauthorised access, alongside less active actors, cybersecurity company CloudSEK's year-end review has found. They caused significant data breaches or targeted well-known companies in India.
Finance and banking sectors experienced the highest number of victims at 20, primarily due to the sector's reliance on digital infrastructure and the sensitive financial data it holds. This was followed by the government sector with 13 victims, telecommunications with 12, and the healthcare & pharma and education sectors with 10 and 9 victims, respectively.
These threat actors were responsible for selling approximately 4,446 million lines of records and 12,332 gigabytes of data from India this year, according to the report.
Major 2024 Data Breaches
The CloudSEK review highlighted some major cyberattacks targeting the following organisations:
Hi-Tek Group: Around 850 million records of Indian citizen data were breached from the debt collection agency.
Star Health Insurance: The breach exposed the private data of 3.1 crore consumers, which was purportedly sold by an insider.
Telecommunications Consultants India Limited: Around 2TB of data was reportedly stolen by threat actors from the government-owned engineering and consultancy company.
Shell: The breach reportedly exposed database of almost 80,000 Shell customers on a hacker forum.
Top Active Threat Actors
Below were the top threat actors targeting organisations in India:
Markitto35: 30 victims (finance & banking: 6, education: 3, healthcare & pharma: 3; IT & technology: 2; manufacturing: 2; other sectors: 14
Whatisdb
Frog
Tanaka
xenZen
InterlBroker
Ransomware Groups Targeting India
From the 108 incidents CloudSEK analysed, it was found that Lockbit was the most active ransomware group in India, being responsible for over 20 incidents in the country. This was followed by over 15 targets by Killsec. Ransomhub ransomware was responsible for more than 12 incidents in the country.
Essential Business Intelligence, Continuous LIVE TV, Sharp Market Insights, Practical Personal Finance Advice and Latest Stories — On NDTV Profit.
