Ministry of Finance India Server Allegedly Breached: During a routine course of our dark web monitoring today, our research team came across a post where the India Ministry of Finance has been allegedly breached and full access to the servers has been posted for sale in a dark web forum by an anonymous user known as “Two 2”.
The threat actor, calling himself a ‘Database Seller | Private Hacker’, named the “Two 2” has advertised a database server breach on the BreachForums. This server reportedly contains data related to the website – finmin.nic.in, which is reportedly the website for Ministry of Finance India.
The threat actor mentioned that he is ready to sell the Full server access to breach forums and its users for a price range of $2500 and tagged his telegram ID in the post.
The threat actor has also released screenshots of the allegedly breached server which belongs to the Ministry of Finance India, showing the server configurations, breached path, and IP address.
The exposed path contains the domain finmin.nic.in. We did further analysis and deduced that the Server IP Address as mentioned in the post is the IP behind the domain finmin.nic.in.
Our team is actively following the thread to confirm the alleged claim and monitor the further activities.
It is to be noted that the Indian Adhaar database was also breached and leaked in October 2023 on Breach Forums.