Cyberattack targeting GST Network exposes millions of taxpayers’ information

Last Thursday the Goods and Service Tax Network (GSTN) posted a tweet mentioning that its security team detected “some activity in the cyberspace by unscrupulous elements”. According to the post, this activity could have led some technical difficulties for taxpayers trying to enter the platform. 

GSTN is a non-profit non-government company providing a shared IT infrastructure and service to both central and state governments including taxpayers and other stakeholders. The registration Front end services, Returns, and payments to all taxpayers are provided by GSTN. This message results both mysterious and concerning for millions of taxpayers, many of them being large companies. 

As per a source close to the incident, GSTN IT security management spotted the anomalous activity between last Wednesday and Thursday: “Experts detected suspicious traffic in one of GSTN eight security layers”. Nonetheless, the source anticipates the network maintainers won’t add incident updates at least until the investigation is completed.

So far, there are no indicators suggesting the incident could result in a data breach. However, Indian authorities ask users of this platform to be aware of any potentially malicious activity during the next few days: “The GSTN portal stores over 12 million taxpayers’ confidential information, so this breach could result in the deployment of further malicious campaigns”, a security alert mentioned.

When it comes to large companies, GSTN stores a lot of critical information, including sales, payroll, purchases, exportation and tax balances: “Given the nature of the stored information, GSTN has been a major target for threat actors from day one; if the store data has been compromised in any way, this could be a national security concern”, mentioned a cybersecurity specialist.

Indian Tax analysts also think that cyberattack attempts are something usual for such an organization, so they should be prepared with the best security mechanisms to prevent any compromise of taxpayers’ information. Such data is sold through dark web forums, so the main goal of the investigators of this incident is to prevent that the GSTN information makes it to this hacking platforms.

For more reports on vulnerabilities, exploits, malware variants, cybersecurity risks and information security courses fell free to visit the International Institute of Cyber Security (IICS) websites, as well as the official platforms of technology companies.