National Aids Research Institute

The National AIDS Research Institute (NARI), operating under the alias res.in and headquartered in India, is a governmental research body dedicated to the study and control of HIV/AIDS. Its core mission encompasses epidemiological surveillance, clinical research, and the management of sensitive patient data related to HIV testing and treatment. As a national institution, it serves a critical public health function within India, handling vast quantities of confidential medical information as part of its mandate to monitor and combat the epidemic. The institute's work inherently positions it as a custodian of highly sensitive health data, requiring robust security protocols to protect patient privacy and maintain public trust in its research and services.

In January 2017, NARI experienced a significant security incident when the Shad0w Security hacking group breached an internal server, compromising more than one gigabyte of sensitive HIV test results. The attackers gained initial access by obtaining administrator credentials stored in a plaintext file, which subsequently enabled a broader network infiltration. While the group exfiltrated data, they publicly leaked only a limited dataset to demonstrate the vulnerability, explicitly withholding the full trove to prevent direct patient harm and to clarify their objective was to expose perceived institutional security failures within the Indian government rather than target individuals. The hackers acknowledged the organization's security measures were otherwise adequate but criticized the specific failure in credential management, noting their random targeting approach was designed to circumvent predictable defensive patterns. This breach highlighted the persistent challenge of safeguarding critical health data even within specialized governmental research entities and underscored the potential for ethical dilemmas when security researchers disclose vulnerabilities involving profoundly personal medical information. The incident remains a noted example of how inadequate internal practices can undermine the security of sensitive public health infrastructure.