#FactCheck - Out-of-Context Clip of PM Modi Misused to Claim He Insulted India

In what is being stated by experts to be one of the largest data breaches of all time, approximately 16 billion passwords were exposed online last week. According to various news reports, the leak contains credentials spanning a broad array of online services, including Facebook, Instagram, Gmail, etc., creating a serious alarm across the globe. Cybersecurity specialists have noted that this leak poses immense risks of account takeovers, identity theft, and enabling phishing scams. The leaked data is being described as a “collection-of-collections,” with multiple previously breached databases compiled into one easy-to-access repository for cybercriminals.

Infostealer Malware and Why It’s a Serious Threat

This incident brought to light a type of malware that experts refer to as the Infostealer. Just as the name suggests, this is a malware program made expressly to take personal information from compromised computers and devices, including cookies, session tokens, browser data, login credentials, and more. It targets high-value credentials, as opposed to ransomware, which encrypts files for ransom, or spyware that passively watches users. Once installed, they silently gather passwords, screenshots, and other information while hiding inside unassuming software, such as a game, utility, or browser plugin. Once stolen, these credentials are then combined by hackers to create databases, which are then offered for sale on dark web forums or even made public, as was the case in this breach. This is particularly risky since, if session tokens or other browser data are also taken, these credentials can be used to get around even two-factor authentication. As a result, the leak would also enable the rise of other crimes such as phishing.

Guidelines for protection 

In response to this breach, India’s Computer Emergency Response Team (CERT-IN) issued an advisory, urging all internet users to take immediate action to protect their accounts. Although this is in response to the specific data leak, these are some key measures advised to be followed to maintain a general standard of cyber hygiene at all times.

• Reset your passwords: In case of incidents such as the above, users are advised to change the passwords of their accounts immediately. More so of the ones that have been compromised and need to be prioritised, such as email, online banking, and social media etc.
• Use strong, unique passwords and password manager features: Avoid password reuse across platforms. Using a password manager on a trusted platform can aid in storing and recalling them for different accounts.
• Monitor account activity: Check activity logs, especially for signs of unrecognised login attempts or password-reset notifications.
• Enable Multi-Factor Authentication (MFA): The user is advised to enable two-step verification (via an app like Google Authenticator or a hardware key), which will add an extra security layer.
• Phishing attacks: Cybercriminals will likely attempt to use leaked credentials to impersonate legitimate companies and send phishing emails. Read carefully before clicking on any links or attachments received.
• Scan devices for malware: Run updated antivirus or anti-malware scans to catch and remove infostealers or other malicious software lurking on your device.

Why This Data Breach is a Wake-Up Call

With 16 billion credentials exposed, this breach highlights the critical need for robust personal cybersecurity hygiene. It also reveals the persistent role of infostealer malware in feeding a global cybercrime economy, one where credentials are the most valuable assets. As Infosecurity Europe and other analysts highlight, infostealers are lightweight, often distributed via phishing or malicious downloads, and are highly effective at lifting data in the background without alerting the user. Even up-to-date antivirus software can struggle to catch new variants, making proactive security practices with respect to such malware all the more essential. In a time where data is everything, access to credentials can derive power and safety, regarding it must be kept in check.

Conclusion

This breach is a reminder that cybersecurity is a shared responsibility. Even with protective systems in place with respect to the industries and official authorities, every internet user must do their part in protecting themselves through cyber hygiene practices such as resetting passwords, using multi-factor authentication, staying vigilant against phishing scams, and ensuring devices are regularly scanned for malware. While breaches like this can seem overwhelming and might create a surge of panic, practical measures go a long way in mitigating exposure. Staying informed and proactive is the best defence one can adopt in a rapidly evolving threat landscape. 

References

• https://economictimes.indiatimes.com/news/international/us/16-billion-passwords-exposed-in-unprecedented-cyber-leak-of-2025-experts-raise-global-alarm/articleshow/121961165.cms?from=mdr 
• https://timesofindia.indiatimes.com/technology/tech-news/16-billion-passwords-leaked-on-internet-what-you-need-to-know-to-protect-your-facebook-instagram-gmail-and-other-accounts/articleshow/121967191.cms  
• https://indianexpress.com/article/technology/tech-news-technology/16-billion-passwords-leaked-online-what-we-know-10077546/ 
• https://indianexpress.com/article/technology/tech-news-technology/16-billion-passwords-leaked-online-what-we-know-10077546/  
• https://www.hindustantimes.com/business/certin-issues-advisory-after-data-breach-of-16-billion-credentials-asks-people-to-change-passwords-101750779940872.html  
• https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES02&VLCODE=CIAD-2025-0024  ‍
• https://www.infosecurityeurope.com/en-gb/blog/threat-vectors/guide-infostealer-malware.html

Executive Summary

‍

An image of a purported new ₹500 plastic banknote is being widely shared on social media. Users claim that the Reserve Bank of India (RBI) has issued the new note and replaced Mahatma Gandhi’s portrait with the Ashoka Pillar.The CyberPeace Research Wing  research found the claim to be misleading. The probe revealed that RBI has not issued any new ₹500 plastic banknote. Furthermore, no official announcement or decision has been made regarding the removal of Mahatma Gandhi’s portrait from Indian currency and its replacement with the Ashoka Pillar.

‍

Claim

‍

An Instagram user shared the viral image with the claim: “RBI has issued a ₹500 plastic note in which Mahatma Gandhi’s image has been removed and replaced with the Ashoka Pillar.” The claim has been widely circulated on social media, with many users sharing the image as genuine. The post link, archived version, and screenshot can be seen below.

• https://www.instagram.com/p/DZFYXjCmrkx/ 
• https://archive.ph/8TcNK 

‍

‍

Fact Check

‍

To verify the claim, we conducted a keyword search on Google. However, we found no credible media reports suggesting that RBI had issued a new ₹500 plastic note featuring the Ashoka Pillar in place of Mahatma Gandhi. We then searched the official RBI website for any notification or announcement related to the claim. Our search yielded no official communication supporting the viral claim.

• https://rbi.org.in/Scripts/NotificationUser.aspx 

‍

‍

During the research, we also came across a report published by Business Standard. According to the report, the Reserve Bank of India is exploring the possibility of introducing polymer (plastic) currency notes in the future. The report states that RBI is studying and discussing the proposal in view of the growing global adoption of polymer notes and their greater durability. However, the report does not state that RBI has already issued a new ₹500 plastic note. Nor does it mention any decision to remove Mahatma Gandhi’s portrait from existing currency notes and replace it with the Ashoka Pillar.

• https://www.business-standard.com/finance/news/rbi-set-to-unveil-polymer-rupee-notes-amid-rising-currency-demand-126052801725_1.html

‍

‍

Conclusion

‍

The research found that the viral claim is misleading. RBI has not issued any new ₹500 plastic banknote, and there has been no official announcement or decision to replace Mahatma Gandhi’s portrait on Indian currency with the Ashoka Pillar.

‍

Disclaimer:

‍

This report is the collaborative outcome of insights derived from the CyberPeace Helpline’s operational statistics and the CyberPeace Research Team, covering the monthly helpline case trends of May 2025, the report identifies recurring trends, operational challenges, and strategic opportunities. The objective is to foster research-driven solutions that enhance the overall efficacy of the helpline. 

‍

Executive Summary:

‍

This report summarizes the cybercrime cases reported in May, offering insights into case types, gender distribution, resolution status, and geographic trends.

As per our analysis, out of various Cyber Frauds Financial Fraud was the most reported issue, making up 43% of cases, followed by Cyberbullying (26%) and Impersonation (14%). Less frequent but serious issues included Sexual Harassment, Sextortion, Hacking, Data Tampering, and Cyber Defamation, each accounting for 3–6%, highlighting a mix of financial and behavioral threats.The gender distribution was fairly balanced, with 51% male and 49% female respondents. While both genders were affected by major crimes like financial fraud and cyber bullying, some categories—such as sexual harassment—reflected more gender-specific risks, indicating the need for gender-responsive policies and support.

Regarding case status, 60% remain under follow-up while 40% have been resolved, reflecting strong case-handling efforts by the team.

The location-wise data shows higher case concentrations in Uttar Pradesh, Andhra Pradesh, Karnataka, and West Bengal, with significant reports also from Delhi, Telangana, Maharashtra, and Odisha. Reports from the northeastern and eastern states confirm the nationwide spread of cyber incidents.In conclusion, the findings point to a growing need for enhanced cybersecurity awareness, preventive strategies, and robust digital safeguards to address the evolving cyber threat landscape across India.

‍

Cases Received in May:

‍

As per the given dataset, the following types of cases were reported to our team during the month of May:

‍

• 💰 Financial Fraud – 43%
• 💬 Cyber Bullying – 26%
• 🕵️‍♂️ Impersonation – 14%
• 🚫 Sexual Harassment – 6%
• 📸 Sextortion – 3%
• 💻 Hacking – 3%
• 📝 Data Tampering – 3%
• 🗣️ Cyber Defamation – 3%

‍

‍

‍

The chart illustrates various cybercrime categories and their occurrence rates. Financial Fraud emerges as the most common, accounting for 43% of cases, highlighting the critical need for stronger digital financial security. This is followed by Cyber Bullying at 26%, reflecting growing concerns around online harassment, especially among youth. Impersonation ranks third with 14%, involving identity misuse for deceitful purposes. Less frequent but still serious crimes such as Sexual Harassment (6%), Sextortion, Hacking, Data Tampering, and Cyber Defamation (each 3%) also pose significant risks to users’ privacy and safety. Overall, the data underscores the need for improved cybersecurity awareness, legal safeguards, and preventive measures to address both financial and behavioral threats in the digital space.

‍

Gender-Wise Distribution:

‍

• 👨 Male – 51%
• 👩 Female – 49%

‍

‍

‍

The chart illustrates the distribution of respondents by gender. The data shows that Male participants make up 51% of the total, while Female participants account for 49%. This indicates a fairly balanced representation of both genders, with a slight majority of male respondents.

‍

Gender-Wise Case Distribution:

‍

‍

‍

‍

‍

1. The chart presents a gender-wise distribution of various cybercrime cases, offering a comparative view of how different types of cyber incidents affect males and females.
2. It highlights that both genders are significantly impacted by cybercrimes such as financial fraud and cyber bullying, indicating a widespread risk across the board.
3. Certain categories, including sexual harassment, cyber defamation, and hacking, show more gender-specific patterns of victimization, pointing to differing vulnerabilities.
4. The data suggests the need for gender-sensitive policies and preventive measures to effectively address the unique risks faced by males and females in the digital space.
5. These insights can inform the design of tailored awareness programs, support services, and intervention strategies aimed at improving cybersecurity for all individuals.

‍

‍Major Location Wise Distribution:

‍

The map visualization displays location-wise distribution of reported cases across India. The cases reflect the cyber-related incidents or cases mapped geographically.

‍

‍

The map highlights the regional distribution of cybercrime cases across Indian states, with a higher concentration in Uttar Pradesh, Andhra Pradesh, Karnataka, and West Bengal. States like Delhi, Telangana, Maharashtra, and Odisha also show notable activity, indicating widespread cyber threats. Regions including Assam, Tripura, Bihar, Jharkhand, and Jammu & Kashmir further reflect the pan-India spread of such incidents. This distribution stresses the need for targeted cybersecurity awareness and stronger digital safeguards nationwide

‍

CyberPeace Advisory:

‍

• Use Strong and Unique Passwords: Create complex passwords using a mix of letters, numbers, and symbols. Avoid reusing the same password across multiple platforms.
  
• Enable Multi-Factor Authentication (MFA): Add an extra layer of security by using a second verification step like an OTP or authentication app.
  
• Keep Software Updated: Regularly update your operating system, apps, and security tools to protect against known vulnerabilities.
  
• Install Trusted Security Software: Use reliable antivirus and anti-malware programs to detect and block threats.
  
• Limit Information Sharing: Be cautious about sharing personal or sensitive details, especially on social media or public platforms.
  
• Secure Your Network: Protect your Wi-Fi with a strong password and encryption. Avoid accessing confidential information on public networks.
  
• Back Up Important Data: Regularly save copies of important files in secure storage to prevent data loss in case of an attack.
  
• Stay Informed with Cybersecurity Training: Learn how to identify scams, phishing attempts, and other online threats through regular awareness sessions.
  
• Control Access to Data: Give access to sensitive information only to those who need it, based on their job roles.
• ‍Monitor and Respond to Threats: Continuously monitor systems for unusual activity and have a clear response plan for handling security incidents.

‍

• CyberPeace Helpline mail ID:  helpline@cyberpeace.net
• CyberPeace Helpline Number:  9570000066
• Central Government Helpline: https://cybercrime.gov.in/
• Central Government Helpline Number: 1930

‍

Conclusion

The cybercrime cases reported in May highlight a diverse and evolving threat landscape across India. Financial fraud, cyber bullying, and impersonation are the most prevalent, affecting both genders almost equally, though some crimes like sexual harassment call for targeted gender-sensitive measures. With 60% of cases still under follow-up, the team’s efforts in investigation and resolution remain strong. Geographically, cyber incidents are widespread, with higher concentrations in several key states, demonstrating that no region is immune. These findings underscore the urgent need to enhance cybersecurity awareness, strengthen preventive strategies, and build robust digital safeguards. Proactive and inclusive approaches are essential to protect individuals and communities and to address the growing challenges posed by cybercrime nationwide.

‍