Dark Web News Analysis
Dark web sources report the alleged sale of a critical user database from ItzEazy.in, an Indian “Govtech” startup. This is a high-impact target, as the company specializes in government document and service facilitation (e.g., passports, PAN cards, business licenses).
An attacker is advertising 80,187 “fresh and zero duplication” user records for a very low price of $300. The low price and acceptance of escrow are “flash sale” tactics to ensure rapid, widespread distribution to all threat actors.
This is not a simple PII breach; it is a “government impersonation goldmine.” The database contains the name, phone, and email of 80,000+ Indians who are actively seeking or have just processed a government document.
Key Cybersecurity Insights
This is a high-severity, “Code Red” incident. The context of this PII is the “golden key” for mass, high-trust fraud.
- CATASTROPHIC: “Govt Impersonation Goldmine” (The #1 Threat): This is the most immediate and dangerous threat. The attacker doesn’t have to guess; they know the victim is waiting for a government document. This allows for perfect social engineering.
  - The Scam: An attacker (impersonating the “Passport Seva,” “Tax Dept.,” or “ItzEazy”) calls/texts the victim’s leaked phone number.
  - The Script: “Hello [Victim Name], this is the Passport Seva / Indian Govt service. We are calling about your recent application via ItzEazy. There is a problem with your file/photo. To prevent rejection, you must immediately pay a small ‘re-processing fee’ at [phishing link]…” or “Please download this official government app [malware.apk] to upload your new photo…”
  - The Result: This scam will be lethally effective because it uses real, secret context (the application) and high pressure (govt rejection). This is how you steal money and deploy banking trojans to 80,000 people.
- “ID Theft Goldmine”: (As noted). The PII (name, email, phone) is a “full kit.” This list is a “who’s who” of people who need official documents, making them high-value targets for identity theft.
- Low Price = Mass Distribution: (As noted). The $300 price ensures every low-level scammer in India will have this list by tonight. The damage will be widespread and immediate.
- Catastrophic Regulatory Failure (India – DPDP Act / CERT-In): This is a severe data breach under India’s new Digital Personal Data Protection (DPDP) Act, 2023.
  - Regulator: The company is legally required to report this breach to the Data Protection Board of India and CERT-In (Indian Computer Emergency Response Team).
  - Fines: The fines under the DPDP Act are massive (up to ₹250 crore / ~$30M USD). This is an extinction-level event for a startup.
Mitigation Strategies
This is a customer fraud and regulatory emergency. The data is public.
For ItzEazy (The Company):
- MANDATORY (Priority 1): Activate “Assume Breach” IR Plan: (As suggested). This is a “Code Red.” Engage a DFIR (Digital Forensics) firm NOW to verify the data, find the vector, and hunt for persistence.
- MANDATORY (Priority 2): Report to CERT-In & Data Protection Board: (As suggested). Immediately report this breach to CERT-In and the Data Protection Board as required by the DPDP Act.
- MANDATORY (Priority 3): Notify All 80k Users: (As suggested). This is a legal requirement. The notification must be transparent and warn explicitly of the “Govt Impersonation / Passport Fee” scam script.
- MANDATORY (Priority 4): Force Password Reset & Enforce MFA: Even if passwords weren’t in this leak, the vector is unknown. Force a password reset and enforce MFA on all accounts immediately.
For Affected Users (The Real Victims):
- CRITICAL (Priority 1): Phishing/Vishing Alert: TRUST NO ONE. (As suggested). Assume all calls, texts, or emails (from “Govt,” “Passport,” “ItzEazy”) are SCAMS, especially if they ask for money or to download an app. HANG UP.
- CRITICAL (Priority 2): Monitor Identity & Bank: Check your bank accounts daily for fraud.
- CRITICAL (Priority 3): Change Reused Passwords: If you reused your ItzEazy.in password on any other site (bank, email), that account is now compromised. Go and change those passwords immediately.
Questions or Feedback? This analysis is based on threat intelligence from a dark web forum. A breach of a “Govtech” platform is a catastrophic event that enables mass, high-trust impersonation attacks. Brinztech provides cybersecurity services worldwide and does not endorse or guarantee the accuracy of external claims. For any inquiries or to report this post, please email: contact@brinshtech.com