In Short:
State-owned telecom operator BSNL experienced a data breach, with a threat actor claiming to have accessed sensitive information like IMSI numbers, SIM card details, and security keys. This is the second breach in six months for BSNL. The compromised data can be used for cyber-attacks and financial fraud. The threat actor is selling the data for $5,000. BSNL needs to investigate, enhance security measures, and secure network endpoints.
Bharat Sanchar Nigam Ltd Suffers Data Breach, Threat Actor Claims Access to Sensitive Information
Bharat Sanchar Nigam Ltd has suffered a data breach, with a threat actor claiming to have accessed sensitive information, including international mobile subscriber identity (IMSI) numbers, SIM card details, home location register data, and critical security keys, digital risk management firm Athentian Technology said in a report.
Breach Details
The breach, claimed by the threat actor known as “kiberphant0m”, involved over 278 GB of data from BSNL’s telecom operations, including server snapshots. This data can be misused for SIM cloning and potentially more severe criminal activities like extortion, according to Athentian Technology CEO Kanishk Gaur.
This is the second data breach instance for the state-owned telecom operator in six months, with the first one reported in December last year. The threat actor in this instance has publicly priced the data at $5,000 and deemed it as “complex and critical.”
Security Concerns
The compromised data could be used for launching more sophisticated cyber-attacks, not just on BSNL but on other interconnected systems and networks, posing risks to national security. Attackers could bypass security measures on financial accounts, leading to financial losses and identity theft for users.
BSNL is urged to initiate an urgent investigation, secure network endpoints, audit access logs, and implement enhanced security measures, including frequent security audits and advanced threat detection technologies, as advised by Gaur.
Previous Breach and Current Situation
In last year’s breach, a threat actor under the alias “Perell” disclosed a “sample dataset” on a dark web forum, compromising sensitive details of BSNL’s fibre and landline users. The latest breach involves data distinct from the previous dataset, focusing more on telecom operations than user information.