Did you know? 


According to an article by Business Standard, around 82% Indian companies suffered a ransomware attack in 2020


Also, the cost of recovering from the impact of a ransomware attack in India tripled over the last year, going up from $1.1 million in 2020 to $3.38 million in 2021


As the Indian government has been pushing to digitize the country, the enterprises too have rushed to digitize their processes and business operations. While this technological advancement has helped organizations to scale their business, it has also increased the risk of exposure to critical data and intellectual property theft. Ranging from cyber attacks on critical infrastructure to the new forms of the misuse of social media, India has been plagued by various cyber threats for years now.


Owing to the precarious state of cyber security in India, the country has been at the receiving end of hundreds of meticulously planned and executed cyber attacks. Modern hackers have learned to utilize thousands of different techniques and methods for accessing information and money from organizations. Any organization that possesses sensitive data or relies on real-time computation is a potential target of a cyber attack.  



What do the Numbers Say?

With the rapid increase in online frauds, data breaches and cyber scams, India has become one of the most affected countries by cyber crime. Here are some statistics reflecting the cyber security landscape in India.

Statistics on cyber security in India

  • As per the government data presented in the parliament, nearly 1.16 million cases of cyber attacks in India were reported in 2020, marking an average of 3,137 cyber security issues reported every day of the year.


  • The ‘Cost of a Data Breach Report 2020’ released by IBM reported that the average cost of a data breach in India in 2020 was $2 million, marking an increase of 9.4% since 2019.


  • An article by Inc42 revealed that ever since the arrival of the COVID-19 pandemic, India has witnessed a 4000% increase in phishing emails and a 400% spike in the number of policy violations.


  • According to this article by Inc42, 66% of organizations in India have suffered at least one data breach or cyber attack since shifting to a remote working model during the pandemic.


  • The Internet Crime Report by the FBI revealed that India is ranked third in the world among the top 20 countries being victimized by cyber crimes.


Recent Cyber Security Incidents in India

Besides these spikes in the cyber attacks and crimes, there have been a plethora of disastrous cyber attacks on organizations all through India. 


  • In May 2020, Edutech startup Unacademy suffered a data breach that resulted in the compromise of the accounts of 22 million Indian users. The email addresses, usernames and passwords of the compromised accounts were put up for sale on the dark web.


  • In October 2020, the user data from the giant online grocery platform called BigBasket went up for sale in an online cyber crime market. The personal information of around 20 million Indian users was being sold for $40,000. The information on sale included names, email IDs, PINs, mobile numbers, password hashes, addresses, locations, dates of birth and IP addresses. 


  • In January 2021, COVID-19 lab test results of thousands of Indian patients were leaked online seemingly by government websites. The leaked data was made publicly accessible on Google. The sensitive information included patients’ dates of birth, full names, centers in which the tests were held and testing dates. 


  • In February 2021, personally identifiable information (PII) of 500,000 Indian police personnel went up for sale on a database sharing forum. The data was traced back to a police exam conducted on 22 December 2019. The leaked information included full names, email IDs, mobile numbers, dates of birth, criminal history and FIR records of the exam candidates.


  • India’s second-largest stockbroker, Upstox, suffered a data breach in April 2021 that affected its 2.5 million customers. Over 56 million KYC data files were leaked including email IDs, date of birth, passports, PAN, etc. The infamous hacker group ShinyHunters gained access to the KYC details and contact data by compromising a third-party warehouse. 


  • In November 2020, the data of 1.4 million Indian job seekers was leaked online after a cyber attack on the job portal IIMjobs. The compromised data included the victims’ names, email addresses, phone numbers, the exact location of users, links to their LinkedIn profiles and their industry of work. 


These incidents clearly indicate the growing need for organizations in India to enforce strict cyber security protocols and follow the best cyber security practices. Only with the coordinated efforts of the public and the private sectors can we hope to stabilize the increasingly deteriorating condition of India’s cyber security landscape. 

Are You Cyber Aware? Take Our Quiz to Find Out

We’ll even give you your own Cyber Security Awareness Badge!

Leave a comment

Your email address will not be published. Required fields are marked *