In a major breach of privacy, the Tamil Nadu Police Facial Recognition Portal containing data of nearly 50,000 persons, including that of people accused in crimes, convicts and police personnel, was hacked on Friday, May 3. The data includes the personal details, phone numbers, addresses, as well as the cases against individuals, registration date, first information report’s status, of accused, convicts, as well as police officers. The data is found to be put up for sale on a hackers' forum in the dark web for $2 to $3. Tamil Nadu Police Facial Recognition Portal is a software used by the state government to keep track of missing persons and criminals using face recognition technology.
A group named ‘Valerie’ has claimed responsibility for the data breach. Threat intelligence platform FalconFeeds.io analysed the leaked data and said that more than 800,000 lines of data have been exposed, including: FIR information - FIR number, date, details of involved parties, and physical addresses; and contact details of police officers.
According to The New Indian Express, one file with 55,000 lines of data comprising details of police personnel, IPS officers, and another file with 2,700 lines of data on police stations, which is mostly available in public domain, were also leaked.
The facial recognition technology, which debuted in 2021, was designed for police officers to catch accused persons, locate missing persons, and conduct surveillance. The Tamil Nadu Police has a separate portal to store data on criminals and complaints. The Tamil Nadu Face Recognition software on the web features information on offenders, missing individuals, and their names, ages, and addresses. It also contains FIR numbers, dates, complaint data, and 50,000 police officers' addresses and phone numbers.
According to reports, the Director General of Police released a statement saying that the administrator account password was compromised and has been deleted now. The police also said that an unauthorised user can only view the front-end data of the portal and cannot access the backend or primary server data.