The Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi Police has arrested Rahul Sinha, a Customs Department official for allegedly stealing and selling highly sensitive customs and trade data to private companies, including entities based in China. The case has raised serious concerns about the security of India’s digital trade infrastructure and the potential misuse of confidential economic information.
Rahul Sinha, the accused officer, is currently in police custody and is being questioned regarding his alleged role in the unauthorised extraction and commercial sale of sensitive data from government systems.
Table of Contents
FIR Registered Under Multiple Laws
The IFSO unit registered a First Information Report (FIR) on March 10, 2026, under provisions of the Information Technology Act, the Customs Act, and several sections of the Bharatiya Nyaya Sanhita (BNS), including offences relating to criminal conspiracy, cheating and breach of confidentiality.
Confirming the development, DCP (IFSO) Vinit Kumar said the matter is under investigation and declined to share additional details.
Complaint Filed by Directorate General of Systems
The investigation was initiated after the Joint Director (Data Centre and Cyber Security) of the Directorate General of Systems filed a complaint on February 27, 2026. The complaint alleged unauthorised access, extraction, disclosure and sale of sensitive customs data from government systems designated as “protected systems” and classified as Critical Information Infrastructure.
According to the complaint, the data may have been accessed through misuse of passwords, insider access or through third-party vendors who had access to the systems.
Sensitive Information Allegedly Compromised
The FIR states that the leaked data included both personally identifiable information and commercially sensitive trade data relating to importers and exporters.
This information reportedly contained detailed insights into pricing, sourcing patterns, supplier relationships, trade volumes, logistics chains and the market positioning of businesses engaged in international trade.
Investigators noted that such data amounts to valuable economic intelligence and, if misused, can provide competitors with a significant advantage.
Threat to Fair Competition and Economic Security
According to the FIR, unlawful access to this data could allow competitors and data brokers to analyse transaction-level pricing and strategically undercut Indian businesses.
Authorities warned that this could distort fair market practices, suppress prices, reduce export margins, divert business orders and adversely affect India’s foreign exchange earnings.
The FIR further stated that large-scale breaches of this nature could undermine confidence in India’s digital trade systems, weaken the global competitiveness of domestic industries and pose serious risks to revenue collection, trade policy and national economic security.
CERT-In Identifies Around 70 Websites
The Indian Computer Emergency Response Team (CERT-In), operating under the Ministry of Electronics and Information Technology, reportedly shared a list of approximately 70 websites suspected of selling the leaked customs data.
These websites include both Indian and international platforms offering import-export and trade intelligence services.
Covert Verification Conducted by Investigators
To verify the allegations, officials conducted a covert operation by creating accounts on some of the identified websites and paying for access to the data.
After making the payments, investigators were able to download datasets that were cross-checked with official customs records and found to match exactly, confirming the authenticity of the leaked information.
Suspected Role of Insiders and Vendors
Because the compromised information originated from highly secure government systems, investigators suspect the involvement of insiders or external vendors with legitimate access to the data infrastructure.
The complaint submitted to police includes screenshots, technical logs, communication records and relevant government notifications supporting the allegations.
Personal and Business Data Exposed
The FIR states that the leaked data contained personal information and confidential business details that should not have been available in the public domain.
Officials said the exposure of such information conclusively establishes that there was an unauthorised leak and commercial sale of protected government data.
Investigation Continues
Delhi Police is continuing its investigation to determine how the data was extracted, who purchased it and whether additional individuals, including government officials or private entities, were involved.
The case is being closely watched because of its implications for cybersecurity, protection of sensitive trade data and India’s broader economic interests.
Read More: Mutual Fund Distributors Raise GST Compliance Concerns Amid Delay in Commission Payouts
