Indian company Seqrite, which specializes in cybersecurity, reported a data breach at INRegistry, the registry handling the national .IN domain and the country’s every internationalized domain, The Register reports. Seqrite researchers noticed an advertisement announcing the sale of data that provides secret access to servers of over 6,000 Indian businesses, including large internet providers and private and government organizations. Posing as interested buyers, the researchers contacted the advertisers, who provided screen shots. The screen shots indicated that the stolen data came from the INRegistry. According to Seqrite experts, cybercriminals could use the data to coordinate serious cyber attacks that could completely disconnect victims from the global network.
However, representatives of the national Internet Exchange of India (NIXI), which controls the INRegistry, denied these allegations. More specifically, they did admit that there had been an attempt to penetrate the system, but the criminals were not able to get their hands on any important data. They only managed to collect basic contact information of INRegistry’s clients and partners, which cannot be of any use for cyber attack coordination. NIXI’s representatives also assured that the system’s security protocol is rather strong, but the incident forced the company to review the infrastructure and further strengthen the protocol.
