BSNL experiences second data breach in half a year

Bharat Sanchar Nigam Ltd Suffers Data Breach, Threat Actor Claims Access to Sensitive Information

Bharat Sanchar Nigam Ltd has suffered a data breach, with a threat actor claiming to have accessed sensitive information, including international mobile subscriber identity (IMSI) numbers, SIM card details, home location register data, and critical security keys, digital risk management firm Athentian Technology said in a report.

Breach Details

The breach, claimed by the threat actor known as “kiberphant0m”, involved over 278 GB of data from BSNL’s telecom operations, including server snapshots. This data can be misused for SIM cloning and potentially more severe criminal activities like extortion, according to Athentian Technology CEO Kanishk Gaur.

This is the second data breach instance for the state-owned telecom operator in six months, with the first one reported in December last year. The threat actor in this instance has publicly priced the data at $5,000 and deemed it as “complex and critical.”

Security Concerns

The compromised data could be used for launching more sophisticated cyber-attacks, not just on BSNL but on other interconnected systems and networks, posing risks to national security. Attackers could bypass security measures on financial accounts, leading to financial losses and identity theft for users.

BSNL is urged to initiate an urgent investigation, secure network endpoints, audit access logs, and implement enhanced security measures, including frequent security audits and advanced threat detection technologies, as advised by Gaur.

Previous Breach and Current Situation

In last year’s breach, a threat actor under the alias “Perell” disclosed a “sample dataset” on a dark web forum, compromising sensitive details of BSNL’s fibre and landline users. The latest breach involves data distinct from the previous dataset, focusing more on telecom operations than user information.