The Bharat Sanchar Nigam Limited (BSNL) has allegedly fallen victim to a data breach, with a threat actor known as “Perell” claiming access to critical information related to the state-owned telecom operator’s users.
The BSNL data breach has raised concerns over the privacy and security of BSNL customers, as the threat actor released a sample dataset on a dark web forum, containing 32,000 lines of sensitive details about fiber and landline users.
According to ET, the total number of lines across all databases amounts to a staggering 2.9 million, encompassing email addresses, billing details, contact numbers, and various other sensitive information. However, the security incident is yet to be confirmed by the company.
Decoding BSNL Data Breach: What Data is at Risk?
The BSNL data breach came to light when Perell posted the dataset, including information about mobile outage records, network details, completed orders, and customer information.
The gravity of the BSNL cyberattack is underscored by the fact that BSNL is recognized as one of the biggest telecom providers in India, making the compromise of user privacy a pressing concern.
An official report by The Economic Times (ET) highlighted the severity of the BSNL data breach, noting that Cert-In has been alerted to the BSNL cyberattack.
Kanishk Gaur, founder of India Future Foundation, emphasized the gravity of the situation, stating, “The recent data breach at BSNL is deeply concerning. This incident has far-reaching implications for both BSNL and its users.”
Notably, Baptiste Robert, CEO at PredictaLabOff, recalled a 2018 data breach, pointing out a SQL injection in BSNL’s intranet website. This vulnerability allowed attackers to access the entire database, compromising information on 47K+ BSNL employees, senior officers, administrators, and retired employees.
However, The Cyber Express is yet to verify the authenticity of the recent BSNL data breach and its potential connection to the 2018 intrusion.
What’s Next for the BSNL Cyberattack?
Saket Modi, co-founder and CEO of Safe Security, a cyber risk management startup, shed light on the potential nature of the breach. In a conversation with ET, he stated, “The hacker claims that the number of rows of data to be around 2.9 million, which indicates a high probability that it is a single website that may have been breached.
The Cyber Express has reached out to BSNL for official statements or responses regarding the BSNL data breach. However, as of the time of writing, no official confirmation or denial has been received, leaving the claims of the BSNL data breach unverified.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.