The Government of India’s Swachh Bharat (Swachh City) program, which aims to raise awareness among people to eliminate open defecation and improve solid waste management, was launched in 2014. LeakBase Threat shares data from 16 million users of the Swachh City Programme.
CloudSEK security firm and Cyble share the details of the leaks. Data includes usernames, email addresses, password hashes, mobile numbers, one-time passwords, last logged-in time, and IP addresses. The database also comprises 101,718 unique email addresses and 15,835,111 unique mobile numbers.
The total weight of the data is around 1.25 GB, and the database has been listed on the Marketplace forum. These details could target users with phishing, smishing, social engineering, and identity theft. Since the data also has administrator and non-administrator accounts.
The brute-force attack shows the data may have been achieved on May 20 this year. Users of Swachh Bharat were advised to change their password and enable two-factor authentication. Swachh Bharat used to maintain 4041 towns alongside the grievances of India.