Indian Telecom Authority Releases a Million Email IDs, Taken Down By Hackers

knwny writes: In a bizarre move that threatens the privacy of over a million internet users in India, the Telecom Regulatory Authority of India (TRAI) has released the list of email IDs from which it received responses regarding net neutrality. Most of these responses were sent by the general public following a massively popular online campaign to protect Internet neutrality in India. The regulatory body says that it has received large number of comments from the stakeholders on its Consultation paper on "Regulatory Framework for OTT services". So to aid the reading of comments, it has divided them into three blocks — "comments from the service providers," "comments from the service providers' association" and "comments from other stakeholders'"(this includes individuals, organizations, consulting firms etc). In the meantime, the TRAI website remains inaccessible after a DDoS attack by Anonymous India, the hacker collective, apparently in retaliation for the data release.

Email IDs?

[IamTheRealMike]

Back when I was a lad, we knew that an "email address" was like a physical address - useless unless people know it. People even made them publicly available on the web!

Yes, spammers abused this. But hiding addresses hardly helped. So many addresses have been dumped or dictionary brute forced by now it's hardly a big deal if your email address appears in one more place.

So colour me unexcited by this terrible misstep.

Re: Email IDs?

[Anonymous Coward]

I thought this is a good thing. Doesn't data want to be free? The prevailing meme on Slashdot is that there is too much hidden information during the regulation formulation process. In this case the regulator is making the information available. This way an astroturfing campaign would be exposed.

Re:

[umghhh]

Ac opting for transparency, tell me what is wrong with that picture. Or was it to cause laugh?

Hackers will hack

[__aabppq7737]

Hackers will hack, whether via email, 0-days, social engineering, or other fresh-off-the-wall ideas.

When we say "Email IDs"...

[Ecuador]

we are just talking about email addresses here, right? Or is it something else I am not familiar with? No, I will not RTFA to find out, who do you take me for?

Re:

[nedlohs]

No he means what he said.

The mailbox of the submissions is there. So you can see the Subject, Date, From, To, and body of the emails. Which has nothing to do with the inboxes of the people who sent the emails.

"Email IDs" vs. "email addresses"

[Anonymous Coward]

This story takes place n India. In India, most people refer to personal identifiers for electronic mail as "email IDs".

As of this writing, the first Google search result that comes up is India.com's email registration [india.com], whose title proudly proclaims that you can be proud of having an email ID there.

Re:

[LeadSongDog]

So you're saying "Becuz India"??

Send an email

[ITRambo]

Every one of the one million people should send an email, stating their feelings about this bone head move, to the person that made the decision to release the email addresses. That person's email address should be readily available. If not, hopefully, someone will make it so. The clown(s) needs to see what happens when email addresses submitted in confidence are disclosed to the public.