BSNL Hit by Data Breach

BSNL Hit by Data Breach

Bharat Sanchar Nigam Limited (BSNL), the state-owned telecommunications provider, has experienced a significant data breach. According to a Threat Intelligence Report by Athenian Tech, the cyberattack was orchestrated by a threat actor known as “kiberphantom.” The hacker compromised a substantial amount of sensitive data, putting millions of users at risk

The breach involves critical data, including International Mobile Subscriber Identity (IMSI) numbers, SIM card information, Home Location Register (HLR) details, DP Card Data, and even snapshots of BSNL’s SOLARIS servers. In total, over 278GB of sensitive information has been compromised. The threat actor has claimed responsibility for the attack and provided samples to validate the data’s legitimacy. 

The report reveals that the hacker has priced the stolen data at $5,000 (approximately Rs 4,17,000). This special deal was available only from May 30, 2024, to May 31, 2024. The high price tag underscores the data’s significant value due to its sensitive nature and extensive scope. 

What Data Was Compromised? 

The compromised data includes: 

IMSI and SIM Details: Vital for the operation of SIM cards. 

HLR Details: Essential for network operations and user authentication. 

DP Card Data (8GB) and DP Security Key Data (130GB): Critical for BSNL’s security infrastructure. 

SOLARIS Server Snapshots (140GB): Potentially exposing operational secrets. 

Potential Risks and Implications 

SIM Cloning and Identity Theft: Cloning involves creating a duplicate SIM card with the same IMSI and authentication keys as the original. Attackers can intercept messages and calls, access bank accounts, and commit fraud, leading to severe personal and financial losses. 

Privacy Violations: Personal information could be misused for unauthorized access to communications and data breaches. 

Financial and Identity Theft: Fraudulent activities could bypass security measures on financial accounts, leading to significant financial losses and identity theft. 

Targeted Attacks and Scams: Users may become targets of phishing schemes and social engineering attacks, exploiting their trust in BSNL. 

The threat extends beyond BSNL users, potentially impacting the company’s operations and national security. The breach could lead to service outages, degraded performance, and unauthorized access to telecom operations. Additionally, sensitive data exposure can undermine national security and infrastructure stability. This attack sets a precedent for further assaults on critical infrastructure, potentially affecting other interconnected systems and networks. 

What Should BSNL Users Do? 

Users should monitor their phones and bank accounts for unusual activity. They should also enable two-factor authentication (2FA) for an additional layer of security on all accounts. Athenian Tech cybersecurity experts recommend that BSNL take immediate action to contain the breach, secure network endpoints, and audit access logs. BSNL must enhance its security measures, conduct frequent security audits, and adopt advanced threat detection technologies. 

Leave a Reply

Your email address will not be published. Required fields are marked *

Vodafone Executives Exit Indus Towers Board Following Bharti Airtel's Majority Stake Acquisition
Telecom Industry

Vodafone Executives Exit Indus Towers Board Following Bharti Airtel’s Majority Stake Acquisition

Executives from the UK’s Vodafone Group PLC, who served as non-executive directors on the board of Indus Towers, have resigned following Bharti Airtel’s increase in its stake to over 50 percent in the tower company. With the increased stake, Indus Towers is set to become a subsidiary of Bharti Airtel.  Vodafone Executives Step Down from […]

Read More
Delay in Vi’s ₹25,000 Crore Funding Worsens Financial Struggles
Telecom Industry

Delay in Vi’s ₹25,000 Crore Funding Worsens Financial Struggles

Vodafone Idea (Vi) is grappling with worsening financial challenges as its ₹25,000 crore debt-funding plan faces significant delays, casting doubt on its ability to achieve a turnaround. The setback follows the Supreme Court’s rejection of Vi’s curative petition to recalculate its adjusted gross revenue (AGR) dues, which has further strained the company’s financial outlook. Analysts […]

Read More
MTNL Defaults on Rs 1,094 Crore Loan to Bank of India
Telecom Industry

MTNL Defaults on Rs 1,094 Crore Loan to Bank of India

Mahanagar Telecom Nigam Ltd. (MTNL) added slippages of Rs 1,094 crore to Bank of India’s results for the July-September quarter, leading the lender to make provisions of Rs 200 crore. Total slippages for the quarter reached Rs 2,546 crore, up from Rs 1,930 crore in the previous quarter. Besides MTNL, slippages included Rs 702 crore […]

Read More