The Indian government has reportedly recommended that all departments migrate official email usage from the existing @nic.in domain to the National Informatics Centre–hosted @mail.gov.in platform, powered by Zoho. This shift comes as a precautionary move following the discovery of a massive global data leak in June, involving more than 16 billion login credentials exposed across 30 datasets.
The advisory underscores that, to date, there have been no reported cases of government email accounts being compromised as a result of this breach. However, 420.in reports that officials described the move as a proactive measure to mitigate future security risks. Around the same period, a phishing attack targeted a defence-related government email account—though authorities have ruled out any direct link between that incident and the global credential exposure.
According to CERT‑In’s advisory issued on June 23, the leaked dataset spans credentials from major platforms including Apple, Google, Facebook, Telegram, GitHub, and numerous VPN services. Alongside usernames and passwords, the data also contained authentication tokens, session cookies, and metadata, now circulating on the dark web, raising risk of phishing, credential stuffing, and business‑email compromise attacks
CERT‑In’s mitigation guidelines urge all internet users—government and public alike—to immediately reset passwords, enable multi‑factor authentication, adopt phishing‑resistant login methods such as passkeys, monitor login activity, and secure any misconfigured databases. Organisations are further advised to implement zero‑trust frameworks and monitor for suspicious access behaviour
Security researchers, including Cybernews, confirmed that the exposed data is recent—not recycled from older breaches—and was gathered from infostealer malware and unsecured storage systems. Each dataset averaged hundreds of millions of records, making this compilation one of the largest credential exposures in history
