India’s Major Cybersecurity Incidents of 2024: What Lies Ahead in 2025

January 2, 2025 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS

The year 2024 marked a critical juncture for cybersecurity in India, with an alarming rise in data breaches targeting sectors from telecommunications and financial services to healthcare and consumer goods. High-profile incidents, such as the BSNL data breach and ransomware attacks on financial firms, underscored vulnerabilities in critical infrastructure. Meanwhile, advancements in cyber threats, including ransomware and phishing campaigns, pushed organizations to reassess their defenses.

As 2025 begins, the digital ecosystem faces growing challenges from emerging technologies like AI and quantum computing. Strengthening cybersecurity frameworks and fostering resilience will be paramount to navigating these evolving threats.

This article delves into the major cybersecurity incidents of the year, analyses their implications, and underscores the urgent need for robust cybersecurity frameworks.

Major Cybersecurity Incidents in India: 2024 Timeline

1. Hathway Database Breach (January 2024)

A cybercriminal known as “dawnofdevil” exploited a vulnerability in the Laravel framework used by Hathway Cable & Datacom Ltd, a prominent Indian ISP. This breach exposed the personal information of 41 million customers, including Aadhaar details, email addresses, and home addresses. The attacker leaked 12GB of sensitive data and a staggering 214GB of production data, posing a severe privacy risk to affected users.

2. Motilal Oswal Financial Services Ransomware Attack (February 2024)

The LockBit ransomware group targeted the domestic brokerage firm, threatening to release stolen data unless a ransom was paid. This incident reflects the increasing targeting of financial institutions, where the stakes are higher due to sensitive customer data and financial transactions.

3. Polycab’s Ransomware Attack (March 2024)

Polycab, an electrical goods manufacturer, reported a ransomware attack on its IT infrastructure. The company assured stakeholders that its core systems and operations remained unaffected, but the breach highlighted vulnerabilities even in non-tech-focused industries.

4. boAt Data Breach (April 2024)

boAt, a consumer electronics brand, suffered a breach compromising the data of 7.5 million customers. Hacker “ShopifyGUY” leaked 2GB of customer information on the dark web, where it was accessible for as little as Rs 180. The incident demonstrated how hackers exploit inadequacies in cybersecurity measures, making personal data easily accessible.

5. BSNL Data Breach (June 2024)

India’s state-owned telecommunications giant, BSNL, fell victim to a second data breach within a year. Hacker “kiberphant0m” accessed and leaked 278GB of sensitive user information, exposing systemic weaknesses in BSNL’s cybersecurity protocols.

6. Angel One Data Breach and WazirX Security Compromise (July 2024)

Angel One, a financial services company, saw the personal information of 8 million customers leaked. Simultaneously, cryptocurrency exchange WazirX suffered a breach resulting in the theft of $230 million in assets due to flaws in its multi-signature wallet infrastructure. These breaches highlighted the rising threat to both traditional and digital financial ecosystems.

7. Durex India’s Website Flaw (August 2024)

Durex India inadvertently exposed customer information due to a lack of proper authentication measures on its order confirmation page. This oversight resulted in the leak of sensitive data like names, email IDs, and order details, sparking concerns about customer privacy in e-commerce.

8. Star Health Insurance Breach (September 2024)

Chennai-based Star Health Insurance faced a breach affecting 31 million customers. The stolen data, which included medical records, PAN details, and policy information, was later sold on the dark web for prices as high as $150,000. This incident shook customer confidence and underscored vulnerabilities in healthcare IT systems.

9. HDFC Life Insurance Data Threat (November 2024)

HDFC Life initiated an investigation into a potential data breach after an anonymous source shared customer data fields. The company’s swift response highlighted the growing emphasis on proactive incident management.

10. December 2024: A Month of Cyber Incidents

Signzy: The Bengaluru-based digital ID verification startup faced a breach affecting operations with over 600 financial institutions globally.

Niva Bupa Health Insurance: An unidentified source threatened to release customer data, prompting a detailed impact assessment.

McLeod Russel India: The world’s largest tea plantation company became the victim of a ransomware attack. Despite disruptions, the company ensured continuity of operations.

Global Context and Implications

India’s cybersecurity challenges are not isolated but part of a larger global trend. The exposure of Chinese state-linked hacking efforts further highlighted the geopolitical dimensions of cybersecurity threats, with leaked documents revealing systematic intrusions targeting infrastructure, governments, and corporations worldwide.

The digital threat landscape is evolving faster than ever. Ransomware has become a top-tier menace, turning into a complex, multi-faceted threat composed of viruses, Trojans, and sophisticated worms. The threat has surged so dramatically that ransomware payments surpassed $1 billion in 2023—a stark indicator of its reach and power. Additionally, supply chain vulnerabilities are adding layers of risk, pushing organizations to intensify vendor scrutiny and monitoring.

The digital ecosystem itself is both a marvel and a menace. According to the World Economic Forum, over 200 emerging technologies, from AI to quantum computing, are redefining opportunities and threats. By 2025, an estimated 75 billion connected devices will expand the attack surface exponentially, creating potential vulnerabilities across sectors. AI brings its own risks, such as data poisoning and adversarial attacks, while quantum computing looms as a potential disruptor to existing encryption, prompting malicious actors to amass encrypted data with hopes of future decryption.

Key Observations from 2024 Cybersecurity Trends

The financial implications of data breaches have reached unprecedented levels. In India, the Rs 19.5 crore average cost per breach reflects a significant economic burden on affected organizations.

India is also grappling with a mounting cyber fraud epidemic, with losses in the first nine months of 2024 totalling ₹11,333 crore, according to the Indian Cyber Crime Coordination Centre (I4C).

These figures, alarming on their own, are just the tip of the iceberg as projections suggest cyber fraud losses could surpass ₹1.2 lakh crore in 2025, amounting to nearly 0.7% of the country’s GDP.

Sectoral Vulnerabilities:

Telecommunications (e.g., BSNL) and financial services (e.g., Motilal Oswal, Angel One) were prime targets due to the high-value nature of their data.

Healthcare (e.g., Star Health Insurance) and consumer goods (e.g., boAt, Durex) also faced significant breaches, showcasing how attackers exploit diverse industry verticals.

Dark Web Markets: The availability of sensitive data on dark web marketplaces for minimal costs (e.g., boAt’s data for Rs 180) reflects a thriving underground economy, exacerbating risks of fraud and identity theft.

Insider Threats and Human Errors: Breaches like the Durex India incident underscore how inadequate security measures or human oversight can lead to significant data leaks.

State-Sponsored Hacking: Evidence of Chinese state-linked cyber-espionage activities raises concerns about national security and the need for international cybersecurity cooperation.

The threat landscape in 2024 has highlighted the urgent need for advanced, integrated, and proactive cybersecurity strategies. This year, organizations must invest in threat intelligence, adopt Continuous Threat Exposure Management (CTEM) frameworks, and implement robust ransomware protection measures to build long-term resilience. With these recommendations and a commitment to innovation, businesses can protect their assets, maintain continuity, and secure their position in an increasingly digital world.