Our resources provide the essential tools, guides, and insights to help your business stay ahead of data privacy regulations. From practical templates to expert articles, we ensure you have everything you need to navigate compliance with confidence.
Last Updated: 2025-06-23 ~ The 420
A significant cybersecurity breach at Agarwal Packers and Movers Ltd (APML) has exposed sensitive personal data of elite clients, including senior government officials, diplomats, and defence personnel. The data leak, which was first discovered on June 1, has triggered an FIR and a full-scale digital forensics investigation amid rising concerns about national security risks.
The breach came
to light after high-ranking clients began receiving suspicious and targeted
calls that referenced their upcoming relocations. According to the FIR
filed by Jaswinder Singh Ahluwalia, Group President and CEO of APML, the
callers possessed detailed information sourced from APML's internal records,
pointing to a likely data theft incident.
"This
isn’t just about client privacy," stated Ahluwalia. "This is a breach
of trust that could have national implications."
Internal
Audit Suggests Collusion
An internal
technical audit initiated by APML confirmed unauthorised cyber intrusion,
and initial findings suggest potential collusion between internal staff and
external cybercriminals. The compromised data reportedly includes contact
details, movement schedules, and personal addresses of judiciary members,
intelligence officials, and foreign dignitaries.
The Sector
36 Cyber Crime Police Station in Noida has registered an FIR under Sections
318(4) and 319(2) of the Bharatiya Nyaya Sanhita, along
with Sections 66C and 66D of the Information Technology Act,
pertaining to identity theft and impersonation. Cyber SHO Ranjeet Singh
confirmed that forensic teams are analyzing firewall logs, internal access
trails, and server activities to trace the origin of the breach.
Implications
for India's Cyber Resilience
This breach has
highlighted significant vulnerabilities in the cybersecurity infrastructure
of private firms operating in sensitive sectors. While industries such as
banking have been pushed to invest heavily in digital security, logistics,
healthcare, and travel sectors remain underprotected despite handling
highly personal information.
Cybersecurity
expert Ritesh Bhatia warned, “When threat actors gain access to
relocation data of senior officials, the misuse potential is staggering—from
phishing and identity fraud to geopolitical surveillance. This incident shows
why India urgently needs mandatory cybersecurity standards for private
firms servicing high-risk clients.”
The number of
individuals affected by the breach remains undisclosed, but sources suggest it
could run into hundreds. The incident is expected to push regulatory
bodies to revisit the Digital Personal Data Protection Act (DPDP), 2023,
and possibly expedite rules for mandatory breach disclosures and proactive
threat monitoring.
As the digital
investigation continues, APML has stated that it is cooperating fully with law
enforcement and taking immediate steps to bolster its internal cybersecurity
framework.
Read out more similar articles: DPDP Consultants