A private cybersecurity contractor from China appears to have successfully breached Indian government data at some time in the past eight years, according to an analysis of leaked files by The Washington Post.

The Chinese firm, iSoon, may have obtained and attempted to sell 92.5 gigabytes of official immigration data from India, including flight and visa details of Indian citizens and foreign passengers, the analysis suggests.

The 190-megabyte leak also suggested that the cybersecurity contractor has access to data from a security breach of the Employees’ Provident Fund Organisation in 2018 that had exposed the personal data of millions of Indians. The information was “repackaged” by the Chinese cyber agency, according to a probe by the Centre’s Indian Computer Emergency Response Team, reported The Indian Express citing an unidentified government official.

The leaked files were posted anonymously to the public website GitHub last week. They are believed to originate from iSoon, which is “one of the hundreds of enterprising companies that support China’s aggressive state-sponsored hacking efforts”, reported The New York Times.

Cybersecurity experts are unsure about who is behind the leak but said that the files “appear legitimate”, reported AP. Dakota Cary, a China analyst with the cybersecurity firm SentinelOne, told the news agency that the files “align with what would be expected from a contractor hacking on behalf of China’s security apparatus with domestic political priorities”.

In addition to India, the leaked files suggest that at least 13 other foreign governments were targeted in varying capacities by i-Soon, including Thailand, Taiwan, Malaysia, Hong Kong, Vietnam, Indonesia, South Korea, Nigeria, Afghanistan and Mongolia.

Private telecommunications firms also appear to have been targeted in Hong Kong, Kazakhstan, Malaysia, Mongolia, Nepal and Taiwan.