Data breach exposes sensitive military information in India
A significant defense data breach has been reported in India, with ransomware group Babuk Locker 2.0 claiming responsibility. The incident involves leaked information related to the Defense Research and Development Organization (DRDO) and various classified military documents.
The ransomware group Babuk Locker 2.0 announced the data leak on March 10, 2025, claiming to have exfiltrated approximately 20 terabytes of data from DRDO systems. As proof, they publicly released a 753 MB sample of the stolen information.
The leaked information includes:
- Engineering designs of weapons
- Details of a new Air Force facility
- Defense procurement plans
- Strategic collaborations between India and other countries (Finland, Brazil, USA)
- Evacuation protocols for the President, Prime Minister, and VVIPs during aerial attacks
- Files related to T9 Bhishma Tank upgrades
- Credential logs repository
According to cybersecurity firm Athenian Tech, the data appears to have been stolen from the device of a former Defense Ministry official rather than from DRDO's core IT infrastructure. The investigation revealed that much of the leaked data appears linked to Puneet Agarwal, who served as Joint Secretary in the Defense Ministry between 2019 and 2021. Personal documents including his Aadhaar details, financial records, and travel documents were found among the leaked files, suggesting the breach originated from his personal system rather than DRDO's infrastructure.
DRDO officials have denied any breach of their organization's data systems but did not provide further clarification about the leak.
Athenian Tech's analysis suggests the hackers communicated in the Indonesian language, potentially indicating an Indonesian origin. The firm concluded that the ransomware group's claims about the scale of the breach may be exaggerated.
Security experts note that the presence of sensitive defense files on a personal system indicates potential lapses in endpoint security and inadequate data handling policies.