Cyber update Archives - Page 2 of 8

16 Billion Logins Stolen In Mega Data Breach Threatening Apple, Google and More

In a massive global data breach, hackers have leaked 16 billion login credentials, exposing users of platforms like Apple, Google, Facebook, GitHub, and even government services, according to Forbes. The breach was uncovered this week by cybersecurity researchers who found the records in 30 unprotected datasets, some containing up to 3.5 billion entries each. Cybersecurity experts first noticed a mysterious open database containing 184 million records, which has now proven to be only a small part of a much larger breach. Researchers have since confirmed 30+ datasets leaked online, containing VPN logins, social media accounts, and developer platform access. The breach is not a recycling of old data but fresh, high-value information collected throughout 2025, making it dangerous and exploitable for phishing attacks, account takeovers, and business email compromise (BEC) schemes. “This is not just a leak — it’s a blueprint for mass exploitation,” warned the research team cited in Forbes. Darren Guccie, CEO of Keeper Security, emphasised that the leak’s scale and nature pose “far-reaching risks” to users across sectors. Google has responded by urging users to move beyond traditional passwords and 2FA, and instead adopt passkeys, which are biometric login systems using fingerprint or facial recognition. “Passkeys are phishing-resistant and safer than passwords,” Google stated. Advice: This mega breach highlights how credential leaks remain one of the top cyber threats globally. The fact that the stolen logins are fresh and tied to major platforms increases the urgency for users to act. Cyber Safety Tips: Switch to Passkeys or biometric login methods wherever possible Update your passwords immediately, especially for sensitive accounts Enable multi-factor authentication (MFA) Avoid clicking on suspicious links or emails asking for logins Report scams or suspicious activity at cybercrime.gov.in

IIT graduate among 15 held in Telangana for circulating child porn

TGCSB arrests repeat offenders in state-wide operation; links to trafficking uncovered. Telangana Police arrested 15 individuals, including an IIT graduate, on 18 Jun 2025 for the possession and circulation of child sexual abuse material (CSEAM). The operation followed 57 cyber tip-offs, resulting in 34 FIRs across multiple districts, with cases registered under the IT Act and POCSO laws. The Telangana Cyber Security Bureau (TGCSB), acting on inputs from the Cyber Tip line and in collaboration with NCMEC, ICMEC, and I4C, carried out a coordinated state-wide crackdown. Offenders were arrested from Hyderabad, Warangal, Karimnagar, Jagtial, Jagadgirigutta, and Yadagirigutta. The arrested individuals, aged between 19 and 50, largely belonged to working or middle-class backgrounds. Shockingly, an IIT graduate from Nizamabad, employed at a reputed company, was among those caught. Investigators revealed that the content was being downloaded, stored, and sometimes shared via encrypted platforms. Many of the accused were repeat offenders, tracked using digital forensic evidence and shared intelligence. Further investigation uncovered human trafficking links, with tribal women from remote Telangana mandals like Kerameri and Tiryani being targeted and sold to brothels. One victim managed to escape from Madhya Pradesh and returned home last month. In a related case, Asifabad police arrested six people, including a police constable, while three more remain absconding. Constable Haridas, one of the accused, had prior involvement in similar crimes. Quote from Official: “This is a warning that online child abuse will not go unpunished. We are using every resource to trace and prosecute offenders,” said a senior TGCSB official. Advice: This case highlights the alarming rise in online child exploitation and trafficking, even involving educated individuals and repeat offenders. TGCSB’s CPU unit, launched in February 2025, has already registered 294 FIRs and made 110 arrests, a sharp increase from prior years. Public Safety Tips: Report suspicious online content or activity involving children on cybercrime.gov.in (Women & Child tab) or dial helpline 1930 Do not download or forward any explicit or suspicious content — it’s illegal Educate children and parents about online safety, digital boundaries, and privacy settings Enable parental controls and monitor app permissions regularly

Tea stall owner loses Rs 2.36 lakh in UPI fraud; cyber police nab accused in North-East Delhi

Cyber Police arrest a 21-year-old in North-East Delhi for exploiting a lost SIM card to drain the victim’s bank account via UPI. After his SIM card vanished, a tea shop owner in Seelampur, New Delhi, lost ₹2.36 lakh in a UPI scam. On June 19, a 21-year-old suspect was taken into custody by the North-East District Cyber Police of Delhi, who also retrieved important evidence, such as SIM cards and a cell phone used in the scam. On June 4, days after discovering unauthorised UPI transactions from his wife’s bank account, the victim, Gareeb Nath Gupta, reported the crime. His Samsung keypad phone with an active SIM card vanished on May 27. Fraudulent transactions were conducted using the lost SIM between May 28 and June 2. To link the activity to an Airtel Payments Bank account, a special cybercrime unit under the direction of Inspector Rahul Kumar and overseen by ACP Mangesh Gedam employed digital forensics and technical surveillance. The culprit, Md. Monish, a mobile phone repairer from Delhi’s Janta Mazdoor Colony, acknowledged buying stolen phones with SIM cards still in working order. He transferred money using UPI apps and accessed connected bank accounts using them. One cell phone and two SIM cards have been found by the police, and ₹35,000 has been frozen. They are now investigating a wider network, possibly involved in similar cybercrimes. Quote: “This case shows how even basic phone users are vulnerable. People must immediately block SIM cards if lost and monitor bank accounts closely,” said an official from Cyber PS, North-East Delhi. Advice: The instance demonstrates how low-tech thefts, such as lost phones, can be taken advantage of online, particularly with SIM cards connected to UPI. It also demonstrates how cybercriminals target non-technical individuals as well. Cyber Safety Tips: If your SIM card is lost or stolen, block it right away. Make sure all UPI and banking apps have two-factor authentication (2FA) enabled. Don’t store bank account information or UPI credentials on outdated or unprotected phones. Observe bank statements regularly and report any questionable activity on cybercrime.gov.in.

Telangana Cyber Security Bureau signs MoU with NALSAR to combat cybercrime

MoU aims to reform cyber laws, boost investigations, and train law enforcement through a legal-forensic partnership. To improve cyber law enforcement in Telangana, the Telangana Cyber Security Bureau (TGCSB) and NALSAR University of Law, Hyderabad, inked a Memorandum of Understanding on June 18, 2025. In order to combat the growing threats of cybercrime, this collaboration attempts to combine TGCSB’s operational skills with legal education, forensic science, and policy research. Telangana DGP Jitender was present when TGCSB Director Shikha Goel and NALSAR Vice-Chancellor Srikrishna Deva Rao signed the memorandum of cooperation. Officials said the partnership will assist in developing rules on data protection, financial fraud, and digital evidence, as well as modernising important legislation like the Information Technology Act of 2000. A Legal and Forensic Advisory Unit will be established by TGCSB to support investigations into cybercrime. This section will provide professional legal assistance during investigations, assist in creating victim-centric compensation procedures, and develop digital dispute resolution solutions. Specialised training modules on cyber legislation, forensic procedures, and digital evidence management will also be created for police and judicial personnel. It is anticipated that this interdisciplinary approach would enhance the legal response to intricate cyber offences. Telangana DGP Jitender noted, “This MoU is a critical step in merging policy insight with ground-level enforcement.” NALSAR’s Rao added, “It is a societal service to build a future-ready legal framework to fight cybercrime.” Shikha Goel called it a “model for the nation”, highlighting the urgency of updating legal and forensic tools to meet the fast-evolving cyber threat landscape. Advice: This alliance between TGCSB and NALSAR marks a significant move toward creating a holistic and efficient cybercrime control system in Telangana. It blends law, policy, education, and enforcement into one framework. Public is advised to: Stay updated on cybercrime trends through government advisories. Turn on two-factor authentication for every account and device. Refrain from downloading programs from unidentified sources or clicking on dubious links. Report incidents immediately at cybercrime.gov.in or contact the local cyber cell.

Govt acts on online misinformation on Operation Sindoor infra, banks on cyber threat alert

The government has ramped up efforts to counter misinformation about Operation Sindoor and placed key infrastructure sectors on high cyber alert following recent terror-linked cyberattacks. Social media platforms are being monitored, with false content actively blocked and users urged to rely on official sources. According to a senior government source, social media platforms are “continually monitoring” for false information about Operation Sindoor by the ministries of information technology and information and broadcasting. These platforms have been requested to block any illegal content. Critical infrastructure agencies and organisations, including the Power Ministry, banks, telecom providers, and other financial institutions, are also on “high alert” after being the target of multiple cyberattacks in the wake of last month’s Amalgam terror incident. “We have contained the DDoS attacks that have been launched against certain infrastructure. We are currently on high alert since similar attempts will undoubtedly be attempted,” the person stated. An assault known as a DDoS (Distributed Denial of Service) occurs when a hacker floods a server, network, or website with malicious traffic from several sources, rendering it unusable or sluggish for authorised users. At a conference between representatives of the two ministries on May 7, 2025, in the afternoon, it was acknowledged that false information about India’s strikes on nine locations in Pakistan and Pakistan-occupied Kashmir (Pok) was widely disseminated on social media sites like X. Since people were making a variety of claims online, it was determined that the government would need to keep a careful eye on such content and use its legal tools to stop its spread. From images of unrelated strikes to video game footage, social media platforms turned into a battlefield for internet disinformation campaigns starting in the early hours of May 7. Online reports that Pakistan shot down an Indian Rafael jet were reportedly accompanied by images of a downed aircraft. The fact-check unit of the Press Information Bureau (PIB) has stated that the images were outdated. Other widely circulated accusations about the airstrikes have also been verified by the unit. Users of social media platforms have been cautioned by the authorities to use caution. “Avoid sharing or relying on unconfirmed information. For factual information, see the Government of India’s official sources,” the IT Ministry stated in several posts on X. 16 Pakistani YouTube channels, including well-known ones like Dawn News, Samaa TV, Ary News, and Geo News, were banned by the government following the Pahalgam terror incident for spreading misleading information and content that was sensitive to the community.

Fake News Alert: Operation Sindoor – Your Responsibility, Our Nation’s Safety

India has conducted a strong military operation, “Operation Sindoor,” targeting terrorist bases in Pakistan. As soon as this news broke, social media platforms were flooded with real, fake posts, and others purely for attention. In times like these, the biggest support you can give your country is by sharing only verified and responsible information. What You Should NOT Do Don’t Share Fake or Unverified News: Many pages and channels post edited, misleading, or completely fake news for views and likes. Sharing such content without verification can endanger national security. Never Share Army Movements or Sensitive Videos: Posting or forwarding pictures/videos of our Armed Forces’ real-time movements or locations is a serious breach of security. Your post might unintentionally aid the enemy. Don’t Spread Rumours, Memes, or Jokes About Attacks: Making fun or spreading baseless gossip during such tense times is not only insensitive, but it also contributes to disinformation. What You SHOULD Do Follow Only Official Sources: Trust information from official government handles (PIB, Ministry of Defence), verified news channels, and authorised press releases. Think Before You Share: If a post lacks source credibility or seems emotionally manipulative, don’t forward it. Report Fake News: If you come across misleading or provocative content, report it on the platform. While our soldiers are fighting on the front lines, we must become digital soldiers by standing for truth and acting wisely. Make your posts strengthen the nation, not weaken it. Civil Defence Drill to Boost Emergency Readiness: Do not post any objectionable post or make any wrong comments on social media regarding the mock drill. Do not spread any misleading false rumours on social media. A civil defence mock drill will be conducted across the country on May 7 to enhance emergency preparedness after the Pahalgam terror attack. The drill will test air raid warning systems, shelter preparedness and evacuation procedures. Civil defence volunteers, including NCC cadets, home guards and students, will participate in the simulation to remain prepared for hostile situations. The drill aims to strengthen civil defence preparedness and train volunteers in first aid, evacuation and emergency protocols. Verify before you post. Think before you share.

Govt. Mulls Ban on Influencers Spreading Anti-National Content Post-Pahalgam Attack

The government may ban social media influencers and platforms spreading anti-national content after the Pahalgam attack. The IT Committee has demanded action reports from ministries by May 8 amid rising tensions and UN calls for restraint. Following the terror assault in Pahalgam on April 22, 2025, the Parliamentary Standing Committee on Information Technology has voiced grave concerns about the role of specific social media platforms and influencers. The committee pointed out that some of these organisations seem to be working against the nation’s interests and may be encouraging violence with their content. The committee has urged the Ministry of Electronics and Information Technology and the Ministry of Information and Broadcasting to act quickly and decisively in response to these findings. The Information Technology Act of 2000 and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules of 2021 specifically seek information about the steps being considered to outlaw such platforms and accounts. Following the terror assault in Pahalgam on April 22, 2025, the Parliamentary Standing Committee on Information Technology has voiced grave concerns about the role of specific social media platforms and influencers. The committee has given the ministries until May 8, 2025, to provide a thorough report detailing the actions they have taken or plan to take to stop the spread of dangerous content. This action demonstrates the government’s will to prevent incitement and actions that could jeopardise national security from taking place on digital platforms. Section 69A of the IT Act, 2000, gives authorities the authority to ban or remove content that endangers public order, security, sovereignty, or goodwill with other countries. According to the 2021 IT Rules, platforms must designate grievance officers, remove illegal content as soon as possible, and apply due care in content management. Five extremists targeted visitors in the Baisaran Valley with the Pahalgam incident, which has greatly increased tensions in the area and drawn global criticism. Additionally, the attack has led to a rise in anti-Kashmiri and Islamophobic attitudes throughout India, with social media being a key platform for the spread of divisive messages. UN chief asks India, Pakistan to step back from the brink Concerned that India-Pakistan tensions were “at their highest in years,” UN Secretary-General António Guterres urged “maximum restraint and stepping back from the brink” on May 5, 2025. “Make no mistake: A military solution is no solution,” Guterres stated in a succinct declaration. Guterres offered both governments his “good offices” in the interest of peace. “The United Nations stands ready to support any initiative that promotes de-escalation, diplomacy, and a renewed commitment to peace,” he stated.

Madras University Cyber Forensics Course Marks 20 Years of Innovation

Madras University’s Cyber Forensics course, launched in 2004, has evolved into a postgraduate program producing over 750 graduates with strong industry placements. Recognized as a Centre of Excellence, it offers cutting-edge cybersecurity and digital forensics training. According to the previous department head and course founder-director R. Thilagaraj, the department developed a postgraduate diploma in cyber forensics and information security for police, courts, and business executives in 2004. Because of the positive reaction, it was changed to a postgraduate degree course the following year. Cybersecurity was still in its infancy. He remembers, “Some of the organizations we visited asked why they needed it.” When the first group graduated in 2007, employers were reluctant to hire them. According to S. Latha, the founder of the course and current director of the Centre for Cyber Forensics and Information Security, the first group of alumni is currently working for multinational banks. Up to 750 students have already received their diplomas. With a government grant of ₹1 crore, the centre was elevated as a Centre of Excellence in 2009, and she adds that it became an independent department with the then-Governor-Chancellor’s approval. The cost of tuition is ₹8,500. The course covers the most recent developments in the fields of digital forensics, information security audit, cyber criminology, and information security. Students have benefited from a course that the University of Madras‘ criminology department introduced 20 years ago. According to the previous department head and course founder-director R. Thilagaraj, the department developed a postgraduate diploma in cyber forensics and information security for police, courts, and business executives in 2004. Because of the positive reaction, it was changed to a postgraduate degree course the following year. Cybersecurity was still in its infancy. He remembers, “Some of the organisations we visited asked why they needed it.” When the first group graduated in 2007, employers were reluctant to hire them. According to Latha, the founder and coordinator of the course and current director of the Centre for Cyber Forensics and Information Security, the first group of graduates is currently working for multinational banks. Up to 750 students have already received their diplomas. With a government grant of ₹1 crore, the centre was elevated as a Centre of Excellence in 2009, and she adds that it became an independent department with the then-Governor-Chancellor’s approval. The cost of tuition is ₹8,500. The course covers the most recent developments in the fields of digital forensics, information security audit, cyber criminology, and information security. “Our alumni are placed in Google, Ernst and Young, Deloitte, HCL, Infosys, and even government agencies.” “The course offers 100% placement in corporate houses, software companies, information security auditing firms, banks, telecom industries, and financial institutions,” Ms. Latha explains. A cyber forensics lab has also been established by the department. Students conduct research in important fields of digital forensics and cybersecurity. As part of the RUSA Arumbu project, a student was recently given seed money to verify the legitimacy of AI-generated images, audio, and video. According to Ms. Latha, “a lot of students have worked in identifying ransomware attacks, phishing links, and fake profiles.” In addition to helping with placement, industry professionals who also teach classes created the syllabus. “The government should consider hiring at least a percentage of police with a master’s degree in cyber forensics and information security in the technical wing, as cybercrimes are on the rise and the majority of cases in the future are likely to be related to cybercrime,” she continues. Students who joined the program after graduating with a BCA, such as Vikram T, Farheen Fathima, and Mohamed Thalal, are now guaranteed a respectable compensation package for their campus placement. Every semester, the students work on a project, and the final dissertation they produce is based on actual business issues. According to guest faculty member C. Vishnupriya, having professionals from the industry on the team aids students in comprehending real-world issues. She adds, “They also value it when students solve problems.”

Held Hostage on WhatsApp: Cybercriminals Extort ₹56 Lakh from Retired Teacher

A retired teacher in Ghaziabad was digitally held hostage via WhatsApp for 28 days and extorted of ₹56 lakh by scammers posing as TRAI officials. Police have filed a case under cybercrime laws and frozen the linked bank accounts. Ghaziabad: Archana Khare, a former Vaishali teacher, endured a startling adventure when she was imprisoned online by cybercriminals for 28 days, from April 1 to April 28. Police said that the scammers pretended to be representatives of the Telecom Regulatory Authority of India (TRAI), accusing her of misusing her mobile number and threatening to disconnect her. Victim Forced to Transfer ₹56 Lakh in Fear Khare was forced to remain under constant surveillance using WhatsApp video chats every day from 9:30 AM to 5:30 or 6 PM while an inquiry was underway. This was especially true while her husband was gone at work. To clear her name, the thieves allegedly instructed her to go to KG Marg in Delhi and transfer funds from her savings, citing legal procedures. Over the 28 days, she was compelled to move ₹56 lakh to five separate domestic bank accounts. Now that these accounts have been located, the Ghaziabad police have taken steps to freeze them. Police Action under New Criminal Laws Following pertinent provisions of the Information Technology Act and the Bharatiya Nyaya Sanhita (BNS), a formal complaint was filed on May 1 at the Ghaziabad cybercrime police station. These consist of: Section 318: Infidelity Section 340(2): Electronic document forgery Section 204: Posing as a public official Extortion under Section 308(2) Crime-related intimidation, Section 351(4) Section 3(5): Shared purpose IT Act provisions for cyber fraud Ambuj Singh Yadav, ACP (Crime), emphasised the significance of public awareness while confirming that the inquiry is still underway.”A new kind of psychological coercion is digital arrest. “Timely reporting saved extra harm to the victim,” he stated. The Ghaziabad case serves as a terrifying reminder of how hackers are now using surveillance, impersonation, and fear as weapons to take advantage of victims. Verifying official communications and reporting suspicious calls to authorities right away are recommendations for citizens.

Tripura police freeze over 16,000 bank accounts linked to online fraud

Tripura Police have frozen over 16,000 bank accounts linked to online fraud, uncovering scams involving more than ₹26 crore. Plans are in place to establish a cybercrime police station in Agartala to strengthen future investigations. On May 02, 2025, officials declared that the Tripura Police’s cyber squad had blocked more than 16,000 bank accounts connected to online scams in a significant crackdown on cybercrime. It is suspected that over Rs 26 crore has been stolen in total through these cybercrimes. Via social media and messaging applications, criminals have been luring victims with lottery scams, phoney loan offers, and fictitious employment offers. Scammers frequently pretended to be bank employees to trick senior citizens. Blackmailing online has also increased. According to a police source, criminals frequently use video chats and altered recordings to extort money from lonely people. Between April 2024 and April 2025, 4,283 complaints were submitted through the National Cybercrime Reporting Portal. Police seized accounts worth Rs 3.38 crore and recovered Rs 25.77 lakh. Plans are underway to construct a dedicated cybercrime police station in Agartala, complete with skilled officers and cutting-edge equipment to better handle these types of crimes.

Cyber update