A media story on impact of data breaches in organisations such as Air India, Big Basket and Domino’s has claimed that these breaches have exposed email accounts and passwords of NIC emails to the hackers.
In view of this it is important to clarify that firstly, there has been no cyber breach into the email system of the Government of India maintained by the National Informatics Centre (NIC). The email system is totally safe and secure.
Secondly, cybersecurity breach on external portals may not impact the users of Government Email Service, unless the Government users have registered on these portals using their Government Email Address and have used the same password as the one used in the Government Email Account.
NIC Email system has put in place several security measures such as two factor authentication and change of password in 90 days. Further, any change of password in NIC Email requires mobile OTP and if the mobile OTP is incorrect then change of password will not be possible. Any attempt of phishing using NIC Email can be mitigated by NIC. NIC also undertakes user awareness drives from time to time and keeps updating the users about potential risks and safety protocols.