LIVE
🟠 Parle Agro — NA · HIGH🟠 Nirvasa — 3500 · HIGH🟠 Guidely — 1.5 Million · HIGH🔴 BLS International — 29 Million · CRITICAL🟠 Ashtech Infotech — 25000 · HIGH🟠 Punjab National Bank — 100000 · HIGH🟡 Admatrimony — 500 · MEDIUM🟡 V Love Solar Enterprises — 2000 · MEDIUM🔴 Talentely — 514412 · CRITICAL🟡 C PRO Computer Info-Tech Institute — NA · MEDIUM🟠 Parle Agro — NA · HIGH🟠 Nirvasa — 3500 · HIGH🟠 Guidely — 1.5 Million · HIGH🔴 BLS International — 29 Million · CRITICAL🟠 Ashtech Infotech — 25000 · HIGH🟠 Punjab National Bank — 100000 · HIGH🟡 Admatrimony — 500 · MEDIUM🟡 V Love Solar Enterprises — 2000 · MEDIUM🔴 Talentely — 514412 · CRITICAL🟡 C PRO Computer Info-Tech Institute — NA · MEDIUM
ABOUT US

India's Independent
Breach Intelligence Hub

IndianBreaches is an independent, non-commercial cybersecurity transparency initiative dedicated to tracking, documenting, and analysing data security incidents affecting Indian organizations, citizens, and government institutions. We exist because Indians deserve to know when their data has been compromised — and by whom.

31
Breaches Documented
4
Critical Incidents
1
Research Articles
2026
Active Since
// Why IndianBreaches Exists

India is one of the most targeted countries in the world for data breaches. With over 1.4 billion citizens, a rapidly digitising economy, and massive government databases like Aadhaar, CoWIN, and DigiLocker — the scale of data at risk is unprecedented. Yet awareness of these incidents among the general public, journalists, and policymakers remains dangerously low.

Most breach data surfaces briefly on dark web forums, gets picked up by international researchers, and then disappears from public discourse entirely — leaving Indian citizens unaware that their health records, financial data, or Aadhaar-linked information has been compromised.

IndianBreaches exists to change that. By maintaining a comprehensive, publicly accessible, and well-researched record of every significant Indian data breach, we aim to hold organizations accountable, inform citizens, and support the researchers, journalists, and policymakers working to improve India's cybersecurity posture.

// What We Do
🔍
Monitor & Track
We continuously monitor publicly available sources — cybersecurity forums, dark web threat actor posts, security researcher disclosures, news reports, and government advisories — for incidents affecting Indian entities.
📋
Document & Verify
Every breach entry is documented with organization name, affected sector, severity assessment, records count, breach type, description, and where available, the responsible threat actor.
📊
Analyse & Report
Our blog publishes in-depth analysis of significant incidents — examining attack vectors, affected data types, timeline of events, and implications for Indian citizens and organizations.
🔔
Inform & Educate
We provide practical guidance for citizens whose data may have been compromised, including our step-by-step What To Do guide tailored specifically for Indian users.
🔒
Responsible Practice
We do not access, download, or distribute stolen data. We index only publicly visible information and follow responsible disclosure principles throughout our work.
📡
Support Researchers
Our data is available to cybersecurity researchers, journalists, and academics studying India's threat landscape. We welcome collaboration and tip submissions.
// Our Methodology
Source Monitoring
We monitor publicly accessible sources including cybersecurity news publications, threat intelligence forums, researcher disclosures on platforms like X (formerly Twitter), dark web monitoring feeds, and official government and organizational statements.
Verification Standard
Before publishing, we attempt to verify incidents through at least one of the following: corroboration from a known security researcher, coverage by a reputable cybersecurity publication, or an official acknowledgement from the affected organization or government body. Unverified incidents are clearly labelled.
Severity Assessment
Severity is assessed based on the sensitivity of data exposed, the scale of impact, the nature of the threat actor, and the potential for harm to Indian citizens. Our scale runs from Critical (immediate national security or mass financial fraud risk) to Low (minimal personal impact) and N/A (severity cannot be determined).
Data We Do Not Publish
We do not publish personally identifiable information from leaked datasets. We do not share download links to stolen data. We do not reproduce sensitive database contents. Our focus is on the fact of a breach — not the exploitation of it.
// What We Cover
Indian government and public sector databases
Indian private sector and listed companies
Indian startup and technology platforms
Healthcare, education, and financial institutions
Critical infrastructure and telecom operators
Indian subsidiaries of multinational companies
Ransomware attacks with Indian victims
Dark web listings of Indian data
Attacks on non-Indian entities (unless Indian data is involved)
Unverified claims with no supporting evidence
// Get Involved
IndianBreaches relies on a network of cybersecurity professionals, researchers, journalists, and concerned citizens who share tips and leads on unreported incidents. If you have information about a breach affecting Indian organizations or citizens, we want to hear from you.
📩 Submit a Breach Tip
Know about an unreported breach? Submit it anonymously through our secure form.
Submit a Tip →
✉️ Media & Research
Journalists and researchers are welcome to reach out for data, interviews, or collaboration.
Contact Us →
⚖️ Legal Disclaimer

IndianBreaches.com does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by threat actors and also on Surface, Deep and Dark Web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.

IndianBreaches operates in accordance with India's Information Technology Act 2000, the Digital Personal Data Protection Act 2023, and international cybersecurity research norms. If you believe any content on this site is inaccurate or requires removal, please contact us at admin@indianbreaches.com.