Several of those logs contained personnel files, health records and personally identifiable information on CISF officers.
Some of the files are dated as recently as 2022, according to the report.
The researcher said the security appliance is built by India-based security company Haltdos.
The company, however, did not comment on the report.
IANS spoke to cyber-security researchers who said that the leaked CISF database in PDF files is likely to be related to a recent government server (that has even been indexed in Google Search) hack.
In January, reports surfaced that Covid-19 data of over 20,000 Indians, including health workers, in PDF files were available on the Raid Forums website on the Dark Web, and the hacker claims that they were directly coming from a government CDN (content delivery network) server.
The same documents were available freely on Google Search as “List of Beneficiaries Enrolled for Covid Vaccine” with keywords like RT-PCR results.