Massive Voter Data Leak: 790K Personal Details Compromised

A threat actor has allegedly leaked over 790,000 voter records from Mumbra Kalwa and Karmala Town on the dark web, exposing sensitive details such as names, Electoral Photo Identity Card (EPIC) numbers, and addresses.

This incident adds to growing concerns about election security in India, which has faced multiple cyber-attacks and data leaks ahead of its 2024 general elections.

Details of the Leaked Data

The exposed records include:

• EPIC numbers (unique identifiers for Indian voters)
• Full names
• Residential addresses
• Demographic information

Security analysts suspect the data originated from compromised third-party systems used for Know-Your-Customer (KYC) verification, a pattern observed in previous leaks involving Aadhaar and PAN details.

The threat actor shared samples of the data on Telegram channels and dark web forums, with cybersecurity firm Resecurity confirming the authenticity of some records through government verification portals.

Technical Context

• Dark Web Exposure: The data surfaced on underground markets, where cybercriminals trade stolen information for identity theft, phishing, or disinformation campaigns.
• Data Breach vs. Leak: While a breach involves unauthorized external access (often malicious), a leak typically results from accidental exposure due to misconfigured systems or insider negligence. Preliminary evidence suggests this incident combines elements of both – likely originating from breached third-party vendors.

Broader Implications for Election Security

1. Foreign Interference: Nation-state actors could weaponize voter data to spread deepfake-generated disinformation, exploiting India’s geopolitical significance.
2. Identity Fraud: Leaked EPIC numbers enable fake voter registrations or synthetic identity creation, undermining electoral integrity.
3. Systemic Vulnerabilities: The breach follows a 2023 leak of 81.5 crore Indians’ Aadhaar and passport details and a separate 7.6 million-record exposure linked to the Election Commission of India.

Historical Parallels

• In 2023, hacker ‘pwn0001’ leaked 815 million Indian records on Breach Forums, including Aadhaar-linked KYC data.
• The 2016 Philippines COMELEC breach exposed 1.3 million voter records, demonstrating how compromised election databases enable long-term fraud.

Cybersecurity Recommendations

Resecurity urges Indian authorities to:

• Audit third-party vendors handling voter data
• Implement zero-trust architecture for KYC systems
• Deploy AI-driven anomaly detection to flag suspicious data access.

Experts warn that unprotected voter databases create entry points for Advanced Persistent Threat (APT) groups aiming to destabilize democracies through hybrid warfare tactics.

With India’s elections spanning April–June 2024, securing digital infrastructure remains critical to maintaining public trust in democratic processes.

This incident underscores the urgent need for robust data loss prevention (DLP) strategies and cross-agency collaboration to mitigate risks in one of the world’s largest electoral exercises.

Also Read: