Time to Name and Shame: Were Cybersecurity Service Providers India’s Weakest Link?

Prof. Triveni Singh, Ex-IPS

Cybersecurity on Sale? Big Firms Hacked as Consulting Firms Cashed In — See Full List Inside!

Major Companies in India Hacked or Victims of Data Breaches (April 2022 – April 2025)

  • Air India
    What Leaked: Names, passport details, contact information, and ticket details.
    Summary: Breach exposed sensitive passenger data, affecting over 4.5 million global customers.
  • BigBasket
    What Leaked: Names, email addresses, hashed passwords, phone numbers, and order details.
    Summary: Over 20 million users’ data was leaked and put up for sale on the dark web.
  • Bharat Sanchar Nigam Limited (BSNL)
    What Leaked: Network configurations, employee data, and operational details.
    Summary: Breach compromised critical telecom infrastructure, affecting security and operations.
  • Cleartrip
    What Leaked: Customer names, booking details, and partial financial data.
    Summary: Unauthorized access to internal systems exposed user travel information.
  • Domino’s India (Jubilant FoodWorks)
    What Leaked: Customer names, delivery addresses, order history, and payment data.
    Summary: Hacker posted 13TB of data including over 1 million credit card records.

  • Hathway
    What Leaked: Subscriber contact details and usage patterns.
    Summary: Breach impacted ISP users’ privacy and service information.
  • Policybazaar
    What Leaked: Personal data including names, phone numbers, and insurance-related info.
    Summary: Cyberattack exposed data of thousands of insurance seekers and policyholders.
  • Star Health Insurance
    What Leaked: Medical records, claim history, and personal details of policyholders.
    Summary: Over 6 million customer records were leaked, raising major health data privacy concerns.
  • State Bank of India (SBI)
    What Leaked: SMS logs, account details, and partial financial information.
    Summary: System misconfigurations and phishing attacks led to exposure of sensitive banking data.
  • Sun Pharmaceutical Industries
    What Leaked: Internal emails, formulas, trade secrets, and IP documents.
    Summary: Breach threatened company’s intellectual property and competitive advantage.
  • Unacademy
    What Leaked: Usernames, email addresses, encrypted passwords.
    Summary: Data of over 22 million users was sold online after a breach of the edtech platform.
  • Upstox
    What Leaked: KYC data including PAN, Aadhaar, and bank details.
    Summary: Breach compromised sensitive financial data of lakhs of stock trading clients.

Negligent Roles of Cybersecurity Firms in India

  • Cybersecurity Consulting Firms
    Often prioritize compliance over genuine security, delivering generic solutions that fail to address specific threats, yet charge exorbitant fees for minimal impact on security posture.
  • Forensic Investigators
    Post-breach investigations are frequently superficial, focusing on quick reports rather than root-cause analysis, leaving companies vulnerable to repeat attacks while billing heavily.
  • Information Security Auditors
    Audits are reduced to checkbox exercises, adhering to standards like ISO 27001 without ensuring robust defenses, providing a false sense of security for high costs.
  • Compliance-Driven Industry
    In India, cybersecurity has become a compliance business, driven by mandates like CERT-In’s 6-hour breach reporting rule, rather than fostering proactive security. Firms exploit this, offering services that meet regulatory minimums but neglect resilience.
  • Limited Contribution, Huge Charges
    These entities contribute little to improving security posture—breaches at Air India, BigBasket, and others persist—yet charge premiums, exploiting companies’ fear of penalties and reputational loss.
  • Regulators’ Leniency
    Regulators like RBI and SEBI impose modest fines (e.g., Rs 1 million on Union Bank) compared to breach costs, failing to deter negligence. The absence of hefty penalties reflects a lack of stringent enforcement.
  • No Criminal Cases
    Criminal cases against consulting firms for poor SLA delivery or negligence are rare, possibly due to legal gaps in the IT Act, 2000, and reluctance to hold service providers accountable.
  • Questions on Breach Cases
    What actions were taken against security providers in breaches like Star Health or Domino’s India? Were consulting firms, auditors, or investigators penalized for failing to prevent or mitigate these incidents? The silence suggests systemic impunity.

India’s cybersecurity ecosystem needs reform—stricter accountability, not just compliance, should drive change.

Dubious Role of Threat Intelligence Providers in India

Threat intelligence service providers in India charge hefty sums from companies and government bodies, promising actionable insights into cyber threats. However, their role often proves dubious and limited, delivering generic reports—rehashed dark web scans or surface-level alerts—lacking context-specific relevance.

In a country with rising breaches like BSNL and SBI, their intelligence rarely translates into preventive measures, serving more as a compliance prop than a security enhancer. High costs don’t match the minimal impact on thwarting attacks, raising questions about their value. Why do firms and regulators tolerate this costly inefficiency? Accountability remains elusive.

Limited Impact of SOC, SOAR, and Security Jargon in India

Security Operations Centers (SOC) and Security Orchestration, Automation, and Response (SOAR) systems in India promise advanced threat detection and response but often fall short. Resource-strapped SOCs rely on outdated tools, while SOAR’s automation is underutilized due to poor integration with legacy systems.

Buzzwords like “Zero Trust Implementation” dominate boardroom talks, yet execution remains superficial, lacking tailored strategies for India’s diverse IT landscape. Companies invest heavily in this jargon for optics, not outcomes, as breaches at Policybazaar and Upstox reveal. Why do these hyped solutions fail to bolster security posture? Their limited, compliance-driven role exposes a gap between promise and reality.

Are Insiders or Insurers Fueling Ransomware Post-Cyber Insurance?

Ransomware attacks in India, like those impacting Star Health and Sun Pharma, often spike after companies secure cyber insurance, raising suspicions of insider or insurer involvement. Policies promising coverage may relax internal vigilance, making firms soft targets. Insiders could leak vulnerabilities for profit, while insurers, indirectly benefiting from payouts, might lack incentive to enforce robust prevention.

Data shows a correlation—insured firms face 20-30% higher attack rates globally. Why do breaches cluster post-insurance? Is it coincidence, negligence, or collusion? Without transparency on investigations, questions linger about who’s truly profiting from India’s ransomware surge.

Practical Solutions to Mitigate Cyber Threats in India

  • Shift from Compliance to Proactive Security
    Corporate and government sectors must prioritize real-time threat prevention over checkbox compliance. Invest in continuous monitoring tools and train staff to spot risks, reducing reliance on overpriced, underperforming consultants.
  • Strengthen Threat Intelligence with Accountability
    Demand specific, actionable insights from Threat Intel providers, tying payments to measurable outcomes. CERT-In should audit and penalize firms delivering generic reports, ensuring value for money.
  • Overhaul SOC and SOAR Operations
    Upgrade SOCs with AI-driven tools and integrate SOAR fully with existing systems. Ditch jargon like Zero Trust unless backed by practical, phased implementation tailored to India’s infrastructure.

  • Scrutinize Cyber Insurance Risks
    Mandate rigorous pre-insurance audits to prevent laxity. Investigate insider threats and insurer incentives post-ransomware spikes, with regulators imposing hefty fines for negligence.
  • Enforce Strict Penalties and Oversight
    Regulators like RBI and SEBI must levy breach penalties reflecting true damage, while CERT-In cancels empanelment of negligent auditors and providers. Criminal cases against failing firms will deter poor SLA delivery.

Appeal to Whosoever Concerned: Fix Accountability in India’s Cybersecurity Failures

Several major Indian companies have suffered data breaches and cyberattacks in the past three years. We urge authorities to disclose the names of cybersecurity providers and information security auditors involved, to ensure transparency, expose malpractice, and hold these consulting firms accountable for systemic lapses.

As top Indian companies fall prey to major data breaches, it’s crucial to identify the cybersecurity service providers and auditors involved. Accountability must be enforced to expose negligence, curb malpractice, and restore trust in India’s digital infrastructure.

It is imperative to disclose how much cybersecurity providers, information security auditors, and forensic investigators charged Indian companies that suffered major data breaches. This will reveal the true value and effectiveness of their services. Additionally, the names of CISOs and CIOs in charge during the incidents must be made public, along with any actions taken against them, especially when customers’ Personally Identifiable Information (PII) or Sensitive Personal Data (SPD) was compromised.
