Sri Lankan Agrarian Development Department - Over 1.4 Million Farmers' Data Exposed

Company Overview

• Organization: Department of Agrarian Development, Sri Lanka
• Website: agrariandept.gov.lk
• Sector: Government / Agriculture
• Role: The Department of Agrarian Development is responsible for promoting and overseeing the development of the agrarian sector in Sri Lanka, particularly in rural areas. This department implements policies, manages resources, and provides services to support the agricultural community.

Breach Details

• Date of Breach: August 22, 2024
• Threat Actor: SILKFIN AGENCY
• Platform of Disclosure: BreachForums
• Data Compromised:
  • Type of Data: Identification numbers, field-specific data, verification statuses, IP addresses, timestamps, and other unspecified sensitive information.
  • Data Fields Mentioned:
    • Personal Identification: id, data_id, nic_number
    • Verification Data: asc_verified_id, da_verified_id, da_verified_date, asc_verified_status, da_verified_status
    • System Metadata: ip_address, user_id, datetime, delete_remarks, resubmission_reason
    • Miscellaneous Data Fields: Over 100 additional fields identified as field_116 through field_2001, including what appear to be various types of internal identifiers and statuses.
• Number of Records: Over 1,450,000 farmers and associated data.

Threat Actor Profile

• Name: SILKFIN AGENCY
• Forum Presence: Active on BreachForums since August 2024
• Reputation: New but gaining reputation in the cybercriminal community
• Known Activity: Uploading large datasets related to government and agricultural sectors, specifically targeting databases with sensitive community data.

Impact Analysis

• Potential Risks:
  • Identity Theft: The exposure of identification numbers (nic_number) could lead to identity theft or fraud, particularly targeting rural communities with less cybersecurity awareness.
  • Service Disruption: The leaked data could disrupt the services provided by the Department of Agrarian Development if the database integrity is compromised or if fraudulent data manipulation occurs.
  • Trust Erosion: The breach could undermine public trust in the Department’s ability to safeguard sensitive information, leading to a reluctance in using governmental services.