6 biggest cyberattacks in India in 2023–24; opportunities and recommendations for CISOs by Gartner

5 Mins read
cyberattacks in India

In the fast-paced digital realm of modern India, the fight against cyber threats has escalated to unparalleled levels of urgency. With each passing day, data breaches loom as potent threats, casting shadows over both governmental institutions and private enterprises. According to a report by Indusface, India faced over 5 billion cyberattacks, growing 63% every quarter. 

Here is a list of the top 6 cyberattacks that rattled the nation between 2023 and 2024.  

  1. Massive Data Leak from Indian Council of Medical Research (ICMR): Described as one of the largest data leaks in the nation’s history, the personal details of over 81.5 crore Indians were exposed online. The leaked information, allegedly sourced from the Indian Council of Medical Research (ICMR), was brought to attention by Resecurity, an American cybersecurity and intelligence agency. 
  2. Leak of Indian Travelers’ Information: Amidst a surge in COVID-19 cases last year, Tamil Nadu mandated the use of COVID e-passes. However, hackers exploited this situation, leaking the passports, mobile numbers, and email addresses of Indian travelers, thereby endangering the personal information of 3.5 million individuals and exposing them to the threat of identity theft. 
  3. BSNL Data Breach: Bharat Sanchar Nigam Ltd (BSNL), a prominent telecom operator, fell victim to a data breach in which hackers gained access to sensitive information, including email addresses, billing details, and contact numbers of thousands of BSNL internet and landline users. Additionally, critical data such as mobile service outage records and network specifics were compromised. 
  4. Taj Hotels Group Data Breach: A data breach at the prestigious Taj Hotels group raised alarm as the personal information of approximately 1.5 million individuals was potentially compromised. 
  5. RailYatri Data Hack: A significant amount of data, allegedly hacked from RailYatri, an app authorized by the Indian Railway Catering and Tourism Corporation (IRCTC), was put up for sale on the dark web. The compromised information included names, email IDs, mobile phone numbers, and locations of RailYatri users, raising concerns about the security of online platforms facilitating train travel in India. 
  6. Malware Attack on AIIMS, New Delhi: Cybersecurity systems at the All India Institute of Medical Sciences (AIIMS) in New Delhi detected a significant malware attack. The attempted intrusion was swiftly identified, and the deployed cybersecurity measures effectively neutralized the threat. 

How the cybersecurity landscape has evolved. 

“Cyber-attacks in recent years have evolved rapidly and become more sophisticated and pervasive. Attackers are now using new methods for targeted attacks with Zero-Day Exploits, Fileless Malware and Supply Chain Attacks. To stay safe, organizations must prioritize comprehensive cybersecurity measures, including regular assessments, robust incident response plans, employee training, and proactive threat intelligence gathering. Only through a proactive and multi-layered approach organizations can mitigate and stay safe from the ever-growing risks of the digital world”, says Munesh Jadoun, CEO of ZNet Technologies, India. 

Due to advanced technologies, the cybersecurity landscape has evolved tremendously over the last few years. According to Abhyuday Data, Director Analyst at Gartner, some well-known and persistent forces that influence the cybersecurity landscape and programs are:  

  1. GenAI Adoption: Consumption of GenAI applications, such as large language models (LLMs), from business experiments and unmanaged, ad hoc employee adoption creates new attack surfaces and risks on individual privacy, sensitive data, and organizational intellectual property (IP). 
  2. Cybersecurity Skills Demand Evolve: The enduring challenge of finding and retaining top security talent remains but is more acutely being felt at the top end of the career stack with the biggest issue identifying and retaining the next generation of CISOs and security leadership. 
  3. Supply Chain Independence: As organizations continue to increase their reliance on cloud services, so does their dependence on having a digital supply chain that is robust and resilient to ensure the same. 
  4.  Rapidly Evolving Regulatory Environments: Legally fragmented guidance shaping security prioritization across both local and global organizations.   
  5. Digital Business Decentralizing: The normalization of the hybrid work model and the digitalization of business processes in the cloud – both of which introduce new security challenges.  
  6. Ransomware evolving & attacks on IAM Systems, CI, Data Breaches – all increasing: Concurrently, we continue to see ransomware evolve and more and more instances of Extortionware.  We continue to see attacks on IAM infrastructure, critical infrastructure and data breaches hitting the media.   

SRM leaders are responding to the combined impact of these forces by adopting a range of practices, technical capabilities, and structural reforms within their security programs with a view to improving organizational resilience and the cybersecurity function’s performance. 

Laws governing data security play a crucial role in safeguarding personal privacy, bolstering cybersecurity measures, fostering economic advancement, and promoting responsible data usage in a digitalized society. Consequently, many nations have formulated laws tailored to combat cyber threats. For example, the European Union’s General Data Protection Regulation (GDPR) enacted in 2016 was a notable move. Recently, India also came up with Digital Personal Data Protection Act 2023 (DPDPA). This act empowers Indians with rights concerning the processing of their data. 

India’s Digital Personal Data Protection Bill for data protection 

The cyberattacks on private and government organizations in India highlight the pressing need for stringent cybersecurity measures in the digital era. In response to such threats, the Digital Personal Data Protection Act 2023 (DPDPA) was enacted by the government, imposing obligations on organizations handling personally identifiable information (PII) of Indian citizens. 

Under the provisions of the DPDPA, both private and public entities are now mandated to: 

  • Ensure the adoption of strong security safeguards to thwart personal data breaches effectively. 
  • Honor requests made by individuals to delete their personal data. 
  • Erase personal data once its intended purpose has been fulfilled. 
  • Notify affected individuals and the Data Protection Board without delay in the event of a personal data breach. 

Any violation or failure to comply with the DPDPA can result in significant financial penalties, potentially amounting to Rs. 250 crores. 

To ensure compliance with the DPDP act, organizations must engage cybersecurity service providers capable of supporting them in achieving and maintaining adherence to the DPDPA regulations. 

Know more about the DPDP act here. 

Opportunities and recommendations for security leaders 

Some targeted opportunities and recommendations for security organizations in India are: 


  • SRM leaders can improve the security function’s reputation and performance by using generative artificial intelligence (GenAI) in proactive collaboration with business stakeholders. This will help lay the foundations for ethical, safe, and secure use of this disruptive technology. 
  • Investment in effective risk management of third-party services and software, enhanced security for the identity fabric, and continuous monitoring of hybrid digital environments can harden an organization’s attack surface and strengthen its resilience. 
  • Aligning security governance efforts with the use of business-aligned cybersecurity reporting can improve the security function’s performance and reputation as a trusted partner and key enabler of an organization’s strategic objectives. 
  • Increased focus on the human elements of security programs continues to show significant promise in the mission to minimize the impact of employees’ unsecure behaviour. It can also provide greater assurance when experimenting with emerging technologies in democratized digital environments. 


An SRM leader seeking to optimize organization’s cybersecurity program and investment, should: 

  • Improve organizational resilience by implementing continuous, pragmatic, business-aligned risk management efforts across your organization’s digital and third-party ecosystems. Extend the role that identity and access management (IAM) plays in reducing cybersecurity risk. 
  • Support decentralized technology projects by coordinating cybersecurity decision making. Measure the security function’s performance using business-aligned, outcome-driven metrics (ODMs) aligned with protection-level agreements (PLAs). 
  • Enable resilient operations in the face of localization rules by embracing a composable application architecture that incorporates a data-decoupling strategy. 
  • Take a strategic, human-centric approach to improving the security function’s performance by reskilling existing security talent, using GenAI to augment — not replace — human efforts, and implementing a contextually appropriate security behaviour and culture program. 

Read next: AI cybersecurity market to quadruple and hit a $133 billion value by 2030

Leave a Reply

Your email address will not be published. Required fields are marked *

÷ one = five