• Home
  • cyber
  • CISF (Central Industrial Security Force)
cyber Breach

CISF (Central Industrial Security Force)

May 3, 2022 1 min read
CISF (Central Industrial Security Force)

A security researcher found an unsecured database packed with network logs generated by a security appliance connected to India’s Central Industrial Security Force's network.

The logs contained records for more than 246,000 web addresses of PDF documents on CISF’s network containing the sensitive personally identifiable information on CISF officers.

The database was exposed because of a security issue with Haltdos, a company that provides network security technology to the organization.

It was soon removed from the internet and the database was secured.

Source: https://techcrunch.com/2022/03/18/india-cisf-security-data-exposed/

TPRM report: https://scoringcyber.rankiteo.com/company/cisfcentralindustrialsecurityforce

"id": "cis17343522",
"linkid": "cisfcentralindustrialsecurityforce",
"type": "Breach",
"date": "03/2022",
"severity": "100",
"impact": "7",
"explanation": "Attack that could injure or kill people"
{'affected_entities': [{'industry': 'Security',
                        'location': 'India',
                        'name': 'Central Industrial Security Force (CISF)',
                        'type': 'Government Agency'}],
 'attack_vector': 'Unsecured Database',
 'data_breach': {'file_types_exposed': ['PDF documents'],
                 'number_of_records_exposed': '246,000',
                 'personally_identifiable_information': 'CISF officers',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Network logs',
                                              'Personally identifiable '
                                              'information']},
 'description': 'A security researcher found an unsecured database containing '
                'network logs generated by a security appliance connected to '
                "India’s Central Industrial Security Force's network. The logs "
                'contained records for more than 246,000 web addresses of PDF '
                'documents on CISF’s network containing sensitive personally '
                'identifiable information on CISF officers. The database was '
                'exposed because of a security issue with Haltdos, a company '
                'that provides network security technology to the '
                'organization. It was soon removed from the internet and the '
                'database was secured.',
 'impact': {'data_compromised': ['Network logs',
                                 'Personally identifiable information'],
            'systems_affected': ['Security appliance',
                                 'Network logs database']},
 'initial_access_broker': {'entry_point': 'Unsecured Database'},
 'post_incident_analysis': {'root_causes': 'Security issue with Haltdos'},
 'response': {'containment_measures': ['Database removed from the internet',
                                       'Database secured']},
 'title': 'Unsecured Database Exposes CISF Network Logs',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Security issue with Haltdos'}
Published by
Harshit Kaur Bhatia
Harshit Kaur Bhatia
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.