India’s Ministry of New and Renewable Energy (MNRE) Breached, Threat Actor Claims on Hacking Forum

Summarize with:

ChatGPT Claude.ai Google AI Grok Perplexity

Add as preferred source on Google

• The Ministry of New and Renewable Energy in India was reportedly hit by a data breach.
• A hacker claimed to be holding the exfiltrated database that is supposedly for sale for a small price.
• Leaked data may include admin credentials, full names, phone numbers, dates of birth, email addresses, and more.

India’s Ministry of New and Renewable Energy (MNRE) has reportedly been the victim of a cyberattack, with a threat actor claiming to have exfiltrated sensitive data from the ministry’s official website, mnre.gov.in. 

The breach was announced on a prominent hacking forum on Monday, January 27, where the cybercriminal is offering the stolen data for sale.

The MNRE data set is being sold for $150 and is alleged to include the following details:

• Full names
• Administrative user credentials - Username and Password
• User Status
• Logs
• Mobile phone numbers
• Date of birth
• Email address 
• Home address
• Company Name
• Type of Company

TechNadu has cross-checked the data from the leaked sample, and it appears some details match personalities from the energy sector.

The hacker has not disclosed the exact method used to breach the government portal nor provided extensive proof of the compromised data’s authenticity beyond the claims made in their forum post.

At the time of writing, the MNRE has not yet issued an official statement regarding the attack. Their website currently operates as usual, with no visible disruptions or acknowledgments of the alleged breach. 

TechNadu has reached out to the MNRE for an official stance on the alleged security breach.

The Ministry’s main focus is promoting renewable energy initiatives like solar, wind, and bioenergy projects. This domain typically handles large volumes of data from various stakeholders, from policymakers to private sector collaborators. 

This breach adds yet another incident to the growing list of cyberattacks targeting high-profile government entities, both in India and globally. Such breaches can have far-reaching consequences, particularly when sensitive personally identifiable information (PII) is exposed.

Related

Weekly Cybersecurity News: They’re Getting In But They’re Not Getting Away

BreachForums Version 5 Data Breach Exposed 340,000 Accounts, ShinyHunters Claim Leak

Pro-Ukrainian Bearlyfy Ransomware Group Attacks Target Russian Companies

Cambodian Fraud Compound Operators ‘Legend Innovation’ and Crypto Marketplace ‘Xinbi‘ Sanctioned by the UK

Suspected Armenian Extradited for Operating RedLine Malware Scheme Following Co-Conspirator Arrest

GitHub Phishing Campaign Targets Developers with Fake VS Code Alerts that Urge the Patching of Fabricated CVEs

Your Weekly Cybersecurity Briefing

Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.

Subscribe for Free

Please enter a valid email address.

Most Popular

Weekly Cybersecurity News: They’re Getting In But They’re Not Getting Away

Mullvad Browser Alpha Update Adopts Rapid Release Model

IPVanish DSAR Process Explained: Access, Security Flow

BreachForums Version 5 Data Breach Exposed 340,000 Accounts, ShinyHunters Claim Leak

Pro-Ukrainian Bearlyfy Ransomware Group Attacks Target Russian Companies

Cambodian Fraud Compound Operators ‘Legend Innovation’ and Crypto Marketplace ‘Xinbi‘ Sanctioned by the UK

Weekly Cybersecurity News: They’re Getting In But They’re Not Getting Away

Mullvad Browser Alpha Update Adopts Rapid Release Model

IPVanish DSAR Process Explained: Access, Security Flow

BreachForums Version 5 Data Breach Exposed 340,000 Accounts, ShinyHunters Claim Leak

Pro-Ukrainian Bearlyfy Ransomware Group Attacks Target Russian Companies

Cambodian Fraud Compound Operators ‘Legend Innovation’ and Crypto Marketplace ‘Xinbi‘ Sanctioned by the UK