Second data breach in six months at BSNL India telecom operator
Learn More
Bharat Sanchar Nigam Limited (BSNL), the India state-owned telecommunications provider, has experienced a significant data breach orchestrated by a threat actor known as "kiberphant0m." The breach, as explained by in a Threat Intelligence Report by Athenian Technology, has compromised over 278GB of sensitive information, putting millions of users at risk.
The compromised data includes:
- International Mobile Subscriber Identity (IMSI) numbers
- SIM card information
- Home Location Register (HLR) details
- DP Card Data
- Snapshots of BSNL's SOLARIS servers
The number of affected individuals and the nature of the attack is not disclosed.
The threat actor, kiberphant0m, has published samples and is selling the stolen data for $5,000.
The breached data can be abused to create a duplicate SIM card using the same IMSI and authentication keys as the original and intercept messages and calls, access bank accounts, and commit fraud, resulting in severe personal and financial losses.
The personal data can be used for social engineering, financial fraud and identity theft, phishing schemes and social engineering attacks.
BSNL has not commented on the claims so far. This is a second breach for BSNL in 6 months - in December 2023 a hacker self-named as ‘Perell’, published a dataset comprising 32,000 lines of data stolen from BSNL on a dark web forum.
Update - as of 20th of July 2024, the central government of India has confirmed a data breach in Bharat Sanchar Nigam Limited (BSNL) systems, which was reported on May 20, 2024. Minister of State for Communications Chandra Sekhar Pemmasani disclosed this in a written response to a query by Congress MP Amar Singh in the Lok Sabha - the lower house of India's bicameral Parliament.
The minister stated that the government has constituted an inter-ministerial committee to conduct an audit of the telecom networks and suggest remedial measures
