'Tis the season for data leaks and India got its fair share over the past three days. At least three major revelations showed that the private information of Indians, as well as overseas citizens who accessed certain prominent websites, was not secure.

The first concerned a leaky app[1] belonging to India's Prime Minister Narendra Modi with 5 million followers whose private data, according to a French security sleuth, was being funneled to a private US firm. Then it turned out that Congress Party's website, with far less impressive membership, had the exact same problem.

The most significant data bombshell hours ago, however, was from Cambridge Analytica whistleblower Christopher Wylie, who revealed the oldest political party in India as being a client of his former employers.

"I believe their [Cambridge Analytica] client was Congress," Wylie explicitly told[2] the UK Parliamentary committee for digital, culture, media and sports. Wylie didn't remember exactly which elections the UK firm had helped out on, "But I know that they have done all kinds of projects. I don't remember any national project but they have definitely done regional," he said, adding that he could unearth documents to substantiate his testimony when necessary. Congress has denied any knowledge of dealings with Cambridge Analytica.

Another macabre Indian connection was disclosed by IT expert Paul-Olivier Dehaye, who alleged that another Cambridge hand, who happened to be Wylie's predecessor, was apparently playing a double agent -- working for Congress but also "getting paid by an Indian billionaire who actually wanted Congress to lose". This operative was later murdered in Kenya, said Dehaye.

By contrast, the revelation[3] on Sunday by French security researcher Robert Baptiste (who goes by the handle Elliot Alderson)

Read more from our friends at ZDNet