Date: Dec 2019

Location: India

Summary

A police examination database containing sensitive personal information of approximately 500,000 Indian citizens was exposed through a public forum post by a threat actor advertising the data. The leaked records included extensive personally identifiable information such as full names, family relations, contact details, residential addresses, biometric identification marks, marital status, and legal history indicators including criminal records and employment background. A sample dataset of over 10,000 entries was publicly shared, with the actor offering the full dataset for sale via encrypted communication channels, compromising victims' privacy and exposing them to potential identity theft and targeted scams.


Description

On January 29, 2021, cybersecurity firm CloudSEK identified a publicly accessible post on a surface web database sharing forum advertising the personally identifiable information (PII) of approximately 500,000 Indian citizens. The leaked data was linked to a police examination conducted on December 22, 2019, though the threat actor did not explicitly name the Bihar Police Subordinate Services Commission (BPSSC) in the advertisement. CloudSEK's XVigil threat monitoring platform detected the forum post, which included a sample dataset of 10,452 records hosted on a file-sharing service. Each record contained extensive personal details including full names, familial relations (father, mother, husband), mobile numbers, email addresses, gender, date of birth, marital status, and nationality. Physical identifiers such as permanent and correspondence addresses with house numbers, streets, villages, post offices, districts, states, and PIN codes were also exposed alongside biometric markers like identification marks.


The sample data further revealed sensitive examination-related information including transaction IDs, exam center codes, roll numbers, attendance records, and OMR sheet remarks. Notably, the leak included fields indicating candidates' legal histories such as debarment status, pending FIR cases, arrest records, acquittals in criminal cases, and good behavior bonds. The threat actor offered access to the complete dataset of 500,000 records through direct contact via email or Telegram, suggesting intent to monetize or further disseminate the information. The exposure created significant risks for affected individuals, enabling potential identity theft, financial fraud, and targeted phishing campaigns due to the comprehensive nature of the PII. No information regarding containment measures, organizational responses, or investigations was disclosed in the available source material.
