A covert investigation has brought to light a disturbing network of alleged detective agencies involved in selling highly sensitive personal data, raising serious concerns over systemic vulnerabilities in India’s telecom and banking infrastructure.
The findings reveal that reporters approached individuals linked to an outfit named ‘Indore Detective Service’ using a fabricated case involving a female Tehsildar allegedly trapped in a corruption scandal. Without verifying the story, the contacts offered access to phone numbers, call records, location data and other personal details. They even asked whether the target was a wife, girlfriend, business associate or politician, and proposed providing 6 months of call data along with TDS and bank account information.
Sample data was reportedly shared within minutes, followed by offers to trace financial transactions, identify linked accounts, map communication networks and recover deleted mobile data.
The operation also highlighted a structured pricing model, indicating an organised setup rather than isolated wrongdoing. A WhatsApp invoice listed ₹1.2 lakh for 6 months of call records for 3 individuals, ₹15,000 for bank statements, ₹10,000 for TDS data and ₹40,000 as investigation fees, totalling ₹1.85 lakh. Another contact admitted the services were illegal and unusable in court but still offered data access within 2 to 3 days.
Pricing ranged from ₹12,000 for 1 month to ₹35,000 for 6 months of records. It was also acknowledged that only authorised senior police officials can legally access such data.
The individuals claimed that the information is sourced using specialised tools and insider access within telecom firms and banks. The alleged data pool includes call records, banking details, TDS information and even WhatsApp chats and media. Experts have warned that such accessibility reflects major security gaps in critical systems.
Legally, accessing call detail records without proper authorisation violates the Indian Telegraph Act, 1885 and the IT Act, 2000, attracting penalties of up to 3 years imprisonment and fines between ₹1 lakh and ₹2 crore. Industry experts emphasised that no legitimate detective agency is permitted to obtain such data. The revelations have triggered wider concerns around privacy breaches and national security risks, pointing to deep flaws in data protection, regulatory oversight and internal controls.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream LinkedIn | The Mainstream Facebook | The Mainstream Youtube | The Mainstream Twitter
About us:
The Mainstream is a premier platform delivering the latest updates and informed perspectives across the technology business and cyber landscape. Built on research-driven, thought leadership and original intellectual property, The Mainstream also curates summits & conferences that convene decision makers to explore how technology reshapes industries and leadership. With a growing presence in India and globally across the Middle East, Africa, ASEAN, the USA, the UK and Australia, The Mainstream carries a vision to bring the latest happenings and insights to 8.2 billion people and to place technology at the centre of conversation for leaders navigating the future.
