CHENNAI: The Tamil Nadu police’s Facial Recognition Portal (frs.tnpolice.gov.in), a software used by the state police to track criminals and missing persons using facial recognition, has been compromised. The data samples have been made available for sale on the dark web and an analysis of the leaked samples indicate that 1.2 million lines of data including names of police officers, phone numbers, and FIR details have been accessed illegally. The data breach was brought to light by threat intelligence platform FalconFeeds.io.
A group named ‘Valerie’, has claimed responsibility for the breach. A file comprising 55,000 lines of data regarding details of police officials, including IPS officers, a second file with 8.9 lakh lines of FIR data and another with 2,700 lines of data on police stations (mostly available in public domain) have been compromised. The FRS software was developed by CDAC (Centre for Development of Advanced Computing) Kolkata and the application is hosted on the server at TNSDC (ELCOT).
Nandakishore Harikumar, founder of Technisanct, who also owns FalconFeeds.io told TNIE that the data can potentially be used for making scam phone calls and other illegal activities.
“Since details from FIRs including personal identification details (of accused and suspects) have been stolen, there is a possibility of scamming family members into making payments. For instance, calls claiming to be from a particular police station, along with personal identification details, may make family members believe in the genuineness of the call and may lead to transfer of payments to scamsters,” Nandakishore said.
The compromised FIR details includes FIR ID, number, police station, investigating officer, date of registration, status of case, names in the FIRs, age, gender, parentage and address. The data is available for sale in a hackers’ forum for $2 to $3.
FalconFeeds.io stated that it is unclear whether the samples are part of a larger database or if the hacker has only accessed this specific set of information.
“We are analysing the full data set and will be providing more information soon,” FalconFeeds said.
Meanwhile, acknowledging the breach, a statement from the Office of the Director General of Police said, “On preliminary enquiry, it is learnt that the password has been compromised in admin account. The admin account has limited rights like creation of id for users, queries search, and details of front end can only be viewed.”
The last security audit of the portal was carried out by TNeGA on March 13. As a preventive measure, the admin account has been deactivated. The unauthorised user can view only the front end data (creation of id for users, queries search) and hence the unauthorised user could not have accessed the backend data & main server data, the statement said.
A complaint was lodged at Cyber Crime Police Station, Chennai, and information has been communicated to ELCOT, TNeGA, CDAC-Kolkata for necessary action, the statement said.
The facial recognition system launched in 2021 was intended to be used by police officers on patrol or while inspecting vehicles to immediately retrieve the criminal antecedents of those being screened. The system had sparked concerns of privacy breach due to the alleged lack of transparency on nature of usage of data and storage and retention of photographs taken as part of the process.