Proxyearth Exposes Sensitive Indian User Data Through Mobile Number Lookup

A newly identified service called Proxyearth is enabling the retrieval of sensitive personal information for Indian residents using only their mobile phone numbers. According to reports from HackRead, the tool returns an individual's name, Aadhaar number (India's biometric digital identity), and real-time location data. While technical details remain undisclosed in the source material, the service appears to leverage data from major telecom providers including Airtel. This represents a significant privacy incident with severe implications for India's digital identity ecosystem. The exposure of Aadhaar data is particularly concerning given its central role in India's authentication infrastructure, potentially enabling large-scale identity fraud and authentication bypass attacks. The inclusion of real-time location data introduces physical security risks for affected individuals. From a cybersecurity perspective, this incident underscores critical vulnerabilities in how telecom operators and identity systems protect customer data. The lack of specific technical details in the report makes it difficult to assess whether this involves a new vulnerability, insider threat, or exploitation of existing data exposure vectors. However, the apparent ease of access to such sensitive data suggests systemic weaknesses in India's personal data protection framework. Cybersecurity professionals should note this as a case study in cross-sector data exposure risks, particularly where national identity systems intersect with telecom infrastructure. Immediate mitigation strategies would include monitoring for unusual authentication patterns involving exposed Aadhaar numbers and advising affected individuals on identity theft protection measures.