Over 290,000 citizens at risk: CloudSEK uncovers major data breach at BWSSB, ET CISO
The discovery raises serious concerns about the security of public utilities and the potential for widespread misuse of citizens' personal information.
CloudSEK's Investigation: A Timeline of Neglect
Advt
The Data at Stake:
291,212 user records , including:
Full Name Phone Number Complete Address Aadhaar Number Email ID Other sensitive application details
, including:
Potential Consequences:
Targeted phishing attacks on citizens using their verified personal data.
on citizens using their verified personal data. Disruption of essential services , as attackers could manipulate BWSSB's operational databases.
, as attackers could manipulate BWSSB's operational databases. Erosion of public trust in digital services offered by civic bodies.
A Human Cost Behind the Data
Advt
Who is Behind the Breach?
CloudSEK's Recommendations for Immediate Action:
Full Security Audit: BWSSB must assess all systems for vulnerabilities and potential backdoors. Credential Rotation: Every exposed or potentially compromised credential must be revoked and replaced immediately. Lock Down Admin Interfaces: Public access to tools like Adminer should be disabled or heavily restricted.
Why This Matters – A Call to Action for Public Sector Cybersecurity
By ,
ETCISO
Join the community of 2M+ industry professionals Subscribe to our newsletter to get latest insights & analysis.
Download ETCISO App Get Realtime updates
Save your favourite articles
Scan to download App
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
The Hindu
a day ago
- The Hindu
What goes where in the new multiple corporation setup in Bengaluru?
With the Bruhat Bengaluru Mahanagara Palike (BBMP) now being split into five corporations, questions are being raised about what functions and assets of the civic body should be transferred to the Greater Bengaluru Authority (GBA) at the pan city level and what should be retained with each of the five new corporations. 'An activity mapping exercise would be useful to list all corporation activities . This should cover the activity, the service provider(s) responsible for budgeting, planning, asset creation, monitoring and operation, and maintenance activity, and role for the ward committee,' said V. Ravichandar, member of Brand Bengaluru Committee, which proposed the multiple corporations set-up. Major road infrastructure and projects The State government has floated the task to Bengaluru Smart Infrastructure Limited (B-SMILE) and transferred all major projects, including tunnel roads, to the same. The Major Road Infrastructure Department, which is tasked with operation and maintenance of arterial roads, will also be transferred to B-SMILE, sources said. Border roads between the corporations will also likely be transferred to B-SMILE. While the corporations will have a road infrastructure department to maintain roads within the respective corporations and a projects division to spearhead infrastructure projects within their respective boundaries, roads and projects that span multiple corporations will likely be handled by B-SMILE, sources said. Solid waste management Bengaluru Solid Waste Management Ltd. (BSWML) has already been tasked with collection, transportation and processing of solid waste in the city. This system will continue and each of the five corporations will have a vendor-client relationship with BSWML and give the company garbage user fee they collect as part of property tax. 'In a city like London, some boroughs send out their waste incurring expenses while some boroughs have put up waste processing plants and ensured waste is a source of income for them. Such proposals may come up in the city as well at a future date,' an official said. Storm water drains and lakes The city has a network of 829 km of Storm Water Drains (SWDs), spanning the boundaries of multiple corporations and 210 lakes, part of three main valleys, which also span the boundaries of multiple corporations, necessitating a pan-city approach to both SWDs and lakes. A section of water conservation activists and urban experts have been arguing that SWDs and lakes have to be handed over to the Bangalore Water Supply and Sewerage Board (BWSSB) and the Board be made an integrated water management body in the city. 'The biggest bane of both SWDs and lakes in the city is sewage, and that is with the BWSSB. Sewage Treatment Plants (STPs) are with BWSSB. Handing over SWDs and lakes to BWSSB will bring in accountability in the sector. Moreover, if groundwater monitoring is also handed over to the Board, the city will have one agency planning for all its water needs,' said V. Ramprasad, of Friends of Lakes. However, water conservationist S. Vishwanath argued that the maintenance and upkeep of lakes, which is also a public space, and SWDs need to be with respective corporations, while capital expenditure on these assets can be moved to a GBA-level body, whichever the government may seem fit. Town Planning Department At present, building plan approvals are given at the zonal level and only approvals for highrises and bigger commercial buildings above a certain sq. ft. are subject to review from the BBMP head office. While the same system will continue in the new corporations for smaller buildings at the ward level, whether plan approvals for high rises and issuing Occupancy Certificates (OCs) to them should come to the GBA-level or the respective corporation level has reportedly turned into a bone of contention. Sources said moves are afoot to keep it at the GBA-level. A decision is yet to be taken whether trade licences should be uniform across the city and issued by GBA or whether each corporation should issue separate trade licences in their jurisdictions. Meanwhile, parks, streetlights and crematoriums will be under the in-charge of respective corporations, sources said.
Time of India
4 days ago
- Time of India
Green technology at STPs to focus on sustainability
In a move towards sustainability and self-reliance, the Bangalore Water Supply and Sewerage Board (BWSSB) is set to integrate green technologies into its Sewage Treatment Plants (STPs) under the World Bank-supported Urban Water Security and Disaster Management project. The initiative will prioritise the scientific and sustainable management of wastewater through innovative models such as solar power generation and fertiliser production from sewage sludge. Sludge drying systems in STPs A BWSSB official said that solar panels will be installed to generate electricity at the Saul Kere STP. 'In Chikkabegur Lake, BWSSB plans to introduce solar sludge drying systems that will help produce both electricity and organic fertiliser from dried sewage sludge. The objective is to reduce dependency on external energy sources and make STPs financially self-sustaining,' said the official. Mega project to enhance water resilience The project, with an estimated cost of Rs 1,323 crore — including a Rs 1,000 crore loan from the World Bank — aims to improve wastewater treatment, groundwater conservation, and flood control across Bengaluru. BWSSB has already prepared detailed project reports and is ready to begin implementation. Nine new STPs are proposed under the project, with a major portion of the funds — about Rs 706 crore — allocated for the Bommanahalli zone. The plan includes works like lake rejuvenation, laying of pipeline networks, lift pumping stations, and installation of green technology solutions at Saul Kere and a new 15 MLD unit at Chikkabegur. Dual benefits through plants A BWSSB official further explained that the solar sludge drying system will convert wet sewage by-products into reusable dry sludge using solar energy. This dried sludge can then be repurposed as organic fertiliser. If solar panels are also installed at these sites, they can simultaneously generate electricity to power the operations, making the process both eco-friendly and cost-effective. BWSSB is already generating 2.5 MW of electricity at five major STPs: two units (60 MLD and 150 MLD) at K&C Valley, 150 MLD at Vrishabhavathi Valley, 100 MLD at Hebbal, and 90 MLD at Bellandur — all using biogas. Building on this model, the agency now plans to set up a 500 kW biogas-powered unit at the upcoming 35 MLD STP in Anjanapura, Bommanahalli zone, under the World Bank project .
Time of India
4 days ago
- Time of India
AI tools not for decision making: Kerala HC guidelines to district judiciary on AI usage, ETCISO
In a landmark move, the Kerala High Court has come out with an Artificial Intelligence (AI) usage policy which specifically prohibits usage of such tools for decision making or legal reasoning by the district judiciary. The High Court has come out with the 'Policy Regarding Use of Artificial Intelligence Tools in District Judiciary' for a responsible and restricted use of AI in judicial functions of the district judiciary of the state in view of the increasing availability of and access to such software tools. According to court sources, it is a first-of-its-kind policy. It has advised the district judiciary to "exercise extreme caution" as "indiscriminate use of AI tools might result in negative consequences, including violation of privacy rights, data security risks and erosion of trust in the judicial decision making". Advt Advt Join the community of 2M+ industry professionals. Subscribe to Newsletter to get latest insights & analysis in your inbox. All about ETCISO industry right on your smartphone! Download the ETCISO App and get the Realtime updates and Save your favourite articles. "The objectives are to ensure that AI tools are used only in a responsible manner, solely as an assistive tool, and strictly for specifically allowed purposes. The policy aims to ensure that under no circumstances AI tools are used as a substitute for decision making or legal reasoning," the policy document policy also aims to help members of the judiciary and staff to comply with their ethical and legal obligations, particularly in terms of ensuring human supervision, transparency, fairness, confidentiality and accountability at all stages of judicial decision making."Any violation of this policy may result in disciplinary action, and rules pertaining to disciplinary proceedings shall prevail," the policy document issued on July 19 new guidelines are applicable to members of the district judiciary in the state, the staff assisting them and also any interns or law clerks working with them in Kerala."The policy covers all kinds of AI tools, including, but not limited to, generative AI tools, and databases that use AI to provide access to diverse resources, including case laws and statutes," the document AI examples include ChatGPT, Gemini, Copilot and Deepseek , it also said that the new guidelines apply to all circumstances wherein AI tools are used to perform or assist in the performance of judicial work, irrespective of location and time of use and whether they are used on personal, court-owned or third party policy directs that usage of AI tools for official purposes adhere to the principles of transparency, fairness, accountability and protection of confidentiality, avoid use of cloud-based services -- except for the approved AI tools, meticulous verification of the results, including translations, generated by such software and all time human supervision of their usage."AI tools shall not be used to arrive at any findings, reliefs, order or judgement under any circumstances, as the responsibility for the content and integrity of the judicial order, judgement or any part thereof lies fully with the judges," it further directs that courts shall maintain a detailed audit of all instances wherein AI tools are used."The records in this regard shall include the tools used and the human verification process adopted," it in training programmes on the ethical, legal, technical and practical aspects of AI and reporting any errors or issues noticed in the output generated by any of the approved AI tools, are the other guidelines mentioned in the policy High Court has requested all District Judges and Chief Judicial Magistrates to communicate the policy document to all judicial officers and the staff members under their jurisdiction and take necessary steps to ensure its strict compliance.
