Media reports that data breaches in some companies have compromised email accounts of the government’s National Informatics Centre are wrong, the centre said today in a statement.
The NIC has institutional linkages across all ministries and departments of the central and state governments. It has been instrumental in steering e-governance applications across the country.
“A media story on impact of data breaches in organisations such as Air India, Big Basket and Domino’s has claimed that these breaches have exposed email accounts and passwords of NIC emails to the hackers,” the government said.
“In view of this, it is important to clarify that firstly, there has been no cyber breach into the email system of the government maintained by the National Informatics Centre (NIC). The email system is totally safe and secure,” it said.
The centre said cyber security breach on external websites may not affect users of the government’s email service, unless the users have registered on these websites using their government email addresses and have used the same password.
“NIC email system has put in place several security measures such as two-factor authentication and change of password in 90 days. Further, any change of password in NIC email requires mobile OTP and if the mobile OTP is incorrect then change of password will not be possible,” the government said.
The NIC has large data centres in Delhi, Pune, Hyderabad and Bhubaneswar and 37 small data centres in state capitals.
Ten years’ worth of Air India customer data including credit cards, passports and phone numbers have been leaked in a massive cyber-attack on its data processor in February, the airline announced last month.
The incident affected around 45 lakh customers registered between August 26, 2011 and February 3, 2021, Air India had said, disclosing the scale of the breach nearly three months after it was first informed of it.