The Indian IT ministry’s Indian Computer Emergency Response Team (CERT-in) department has issued a new directive to all crypto exchanges, VPN providers, and data centres to mandatorily store user data for up to 5 years. This data includes contact information, ownership patterns, names, and several other elements that make up user identity with these companies. All cyber incidents will also be required to be reported to the department within 6 hours.
