Indian ISP Hathway impacted by data breach, data available on the dark web

The hacker self-titled 'dawnofdevil' has claimed responsibility for hacking Hathway and data theft, has created a search engine of the stolen data on the dark web. Hathway (formerly known as BITV Cable Networks and officially named Hathway Cable & Datacom Ltd) is a leading Indian Internet Service Provider (ISP) and cable television service operator.

The dark web tool is designed for potential victims, enabling them to search for their own email addresses and phone numbers to ascertain if their data has been compromised.

The breach was announced on Breach Forums, where 'dawnofdevil' explained that they exploited a vulnerability in Hathway's Laravel framework-based content management system in December 2023. The hacker posted two links: one containing 12GB of user data and another with an enormous 214GB of data over 800 CSV files and production data.

The 12GB file is said to contain personal details of over 41 million Hathway customers, including:

• names,
• email addresses,
• phone numbers,
• home addresses,
• customer registration forms,
• Adhaar (ID) card copies,
• KYC data.

Further indicates that the actual data pertains to about 35 million users, with many accounts being duplicates or dummy. The genuine impacted accounts count is around 4 million.

The second file, which was deleted before analysis, reportedly also contained personal and financial details of Hathway’s employees and customers. Before leaking the data, 'dawnofdevil' attempted to sell it for $10,000.