Indian Government Switches to Zoho-Backed Email Service Amid Global Data Leak
A recent worldwide data leak has revealed a staggering 16 billion usernames and passwords from popular services like Apple, Google, Facebook, Telegram, GitHub, and various VPN platforms. Although the recent data breach didn’t impact any Indian government email accounts, the government is proactively enhancing its cybersecurity measures.
New Email Platform Mandated
After the global incident, the Indian government instructed all departments to shift from the older “@nic.in” domain to the new “@mail.gov.in” email system. Zoho, a Chennai-based IT company, developed this platform after winning the official contract in late 2023.
Moving from Precaution to Protection
Government officials have confirmed that the recent breach did not compromise any official accounts. Nevertheless, the government is adopting a proactive approach—prioritizing prevention over reaction. The switch to Zoho-backed email is designed to strengthen defences against future cyberattacks and safeguard official communication.
Recent Defence Email Phishing Incident
Adding to the urgency, a government Defence email account was recently targeted by a phishing attempt. The fraudulent message included a malicious link and urged recipients not to click or download attachments. While initially mistaken as related to the global breach, officials clarified this was a separate, isolated incident involving only one compromised account.
What the Data Leak Revealed
The breach exposed login credentials and session data from major online platforms, including:
- Apple
- Telegram
- GitHub
- Multiple VPN services
This data surge is now available on the dark web, heightening risk levels for users everywhere.
CERT-In Issues Cybersecurity Advisory
On June 23, India’s cybersecurity agency CERT-In issued alert CIAD-2025-0024, advising both individuals and organisations to:
- Change all passwords immediately
- Enable Multi-Factor Authentication (MFA)
- Use phishing-resistant options like passkeys
- Implement a zero-trust security model
- Monitor for unusual login activity
- Secure any exposed or misconfigured databases
A Bold Step Toward Safer Communication
By migrating its email infrastructure to Zoho’s platform, the Indian government aims to reduce vulnerabilities and strengthen digital safety protocols. This move reflects an intentional shift from reactive cybersecurity to long-term preventive strategy—ensuring secure communication across all government functions.