Transerve became a victim of a data breach that affected all the collections, including ‘registered users’ and ‘users‘ contained references and emails with the ‘transerve.com‘ domain, as well as hashed passwords and usernames for administrator access.
The most detailed information contained in the ‘Individuals’ collection was basically a pretty detailed portrait of a person, incl. Aadhaar numbers, voter card numbers, health conditions, education, etc.
It remains unknown just how long the database was online and if anyone else accessed it, these attacks are able to occur because the MongoDB database is remotely accessible and not properly secured.
Source: https://securitydiscovery.com/delhi-citizens-data-leak/
"id": "TRA41616223",
"linkid": "transervetech",
"type": "Breach",
"date": "02/2019",
"severity": "60",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"