New Delhi, Apr 6 (IANS): An exposed server belonging to legaltech platform CrimeCheck has allegedly leaked sensitive court record data, CloudDefense.ai security researcher Anurag Sen has claimed.
The exposed details consist of full names from FIRs, addresses, criminal processes, criminal details, passport details in FIRs, voter ID details and other personal information, Sen told IANS on Thursday, as he shared screenshots from the exposed server.
The company, however, told IANS that the exposed server has already been blocked at their end and no user data is at risk.
According to Sen, the server size is over 2.3 TB (currently over 522 GB) and the total document count on the server is more than 4 billion.
"I reached out to India's national cyber agency CERT-In, and provided them with the details to take the server offline. The CERT-In team is looking into this," Sen told IANS.
CrimeCheck is the biggest database of court records in India and is serving many banks, NBFCs and background verification companies.
CrimeCheck is a product from GetupForChange Services Pvt Ltd, makers of onlineRTI.com -- facilitating Right To Information (RTI) service for the common man, to any government department anywhere in India.
"The exposed server holds logs from FIRs from each state and voter details from each state," according to Sen.
CrimeCheck was started in 2014 with launching OnlineRTI.com to simplify RTI in the country. It is India's biggest database of court records.
According to the information available on the website, it has over 16 crore records which cover all types of cases across all courts and tribunals and are updated regularly.