India's top agricultural education and research body, the Indian Council of Agricultural Research (ICAR), and its recruitment arm, the Agricultural Scientists Recruitment Board (ASRB), have suffered a catastrophic data wipe-out. The incidents started unfolding in February. By March, ICAR's main server in New Delhi saw sensitive data vanish, only for the backup server in Hyderabad's Disaster Recovery Centre (DRC) to follow suit days later. The sequence of events, and the delayed and lax response by authorities has left people questioning whether this was a simple cybersecurity lapse, or something far more sinister.
advertisement
The data that was lost wasn't trivial. It included recruitment records, scientist profiles, research project files, applications, interview evaluations, and communication logs. It was essentially the lifeblood of India's agricultural science infrastructure. Yet, despite the magnitude of the breach, no FIR was filed, and months passed before a six-member investigation committee (that too internal) was finally formed in July, only after Union Agriculture Minister, Shivraj Singh Chouhan, was briefed on the matter, reported Kisan Tak, India Today Digital's sister portal on agriculture, environment and farmer welfare.
Former ICAR governing body member and Varanasi-based scientist Venugopal Badarwada had in a letter to Prime Minister Narendra Modi alleged that the data "was deliberately deleted" and might be linked to recruitment irregularities. Meanwhile
TPRM report: https://www.rankiteo.com/company/indian-council-of-agricultural-research-icar
"id": "ind1764828963",
"linkid": "indian-council-of-agricultural-research-icar",
"type": "Cyber Attack",
"date": "03/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'customers_affected': 'Scientists, '
'researchers, '
'applicants, and '
'stakeholders in '
'agricultural '
'research',
'industry': 'Agriculture, Education, '
'Research',
'location': 'New Delhi, India',
'name': 'Indian Council of Agricultural '
'Research (ICAR)',
'size': 'Large',
'type': 'Government Research Body'},
{'customers_affected': 'Job applicants, '
'scientists, and '
'recruitment '
'stakeholders',
'industry': 'Agriculture, Recruitment',
'location': 'New Delhi, India',
'name': 'Agricultural Scientists '
'Recruitment Board (ASRB)',
'size': 'Large',
'type': 'Government Recruitment Body'}],
'data_breach': {'data_encryption': None,
'data_exfiltration': None,
'file_types_exposed': None,
'number_of_records_exposed': None,
'personally_identifiable_information': 'Likely '
'(scientist '
'profiles, '
'applicant '
'details)',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Recruitment '
'records, scientist '
'profiles, research '
'project files, '
'applications, '
'interview '
'evaluations, '
'communication logs'},
'date_detected': '2024-02-01',
'description': "India's top agricultural education and research "
'body, the Indian Council of Agricultural '
'Research (ICAR), and its recruitment arm, the '
'Agricultural Scientists Recruitment Board '
'(ASRB), suffered a catastrophic data wipe-out. '
'Sensitive data, including recruitment records, '
'scientist profiles, research project files, '
'applications, interview evaluations, and '
'communication logs, was lost from both the main '
'server in New Delhi and the backup server in '
"Hyderabad's Disaster Recovery Centre (DRC). The "
'delayed response and lack of immediate legal '
'action have raised concerns about the nature of '
'the incident.',
'impact': {'brand_reputation_impact': 'Significant',
'conversion_rate_impact': None,
'customer_complaints': None,
'data_compromised': 'Recruitment records, scientist '
'profiles, research project '
'files, applications, interview '
'evaluations, communication logs',
'downtime': None,
'financial_loss': None,
'identity_theft_risk': None,
'legal_liabilities': None,
'operational_impact': "Severe disruption to India's "
'agricultural science '
'infrastructure',
'payment_information_risk': None,
'revenue_loss': None,
'systems_affected': ['Main server (New Delhi)',
'Backup server (Hyderabad DRC)']},
'initial_access_broker': {'backdoors_established': None,
'data_sold_on_dark_web': None,
'entry_point': None,
'high_value_targets': None,
'reconnaissance_period': None},
'investigation_status': 'Ongoing (internal committee formed in '
'July 2024)',
'motivation': ['Cybersecurity lapse',
'Potential deliberate deletion'],
'post_incident_analysis': {'corrective_actions': None,
'root_causes': ['Potential '
'cybersecurity lapse',
'Alleged deliberate '
'deletion']},
'ransomware': {'data_encryption': None,
'data_exfiltration': None,
'ransom_demanded': None,
'ransom_paid': None,
'ransomware_strain': None},
'references': [{'date_accessed': None,
'source': 'Kisan Tak (India Today Digital)',
'url': None}],
'regulatory_compliance': {'fines_imposed': None,
'legal_actions': None,
'regulations_violated': None,
'regulatory_notifications': None},
'response': {'adaptive_behavioral_waf': None,
'communication_strategy': 'Delayed; internal '
'investigation committee '
'formed in July 2024',
'containment_measures': None,
'enhanced_monitoring': None,
'incident_response_plan_activated': None,
'law_enforcement_notified': False,
'network_segmentation': None,
'on_demand_scrubbing_services': None,
'recovery_measures': None,
'remediation_measures': None,
'third_party_assistance': None},
'title': 'ICAR and ASRB Data Wipe-Out Incident',
'type': 'Data Wipe-Out'}