10.1 C
New Delhi
Monday, December 30, 2024

BSNL experiences second data breach in half a year

More from Author

In Short:

State-owned telecom operator BSNL experienced a data breach, with a threat actor claiming to have accessed sensitive information like IMSI numbers, SIM card details, and security keys. This is the second breach in six months for BSNL. The compromised data can be used for cyber-attacks and financial fraud. The threat actor is selling the data for $5,000. BSNL needs to investigate, enhance security measures, and secure network endpoints.


Bharat Sanchar Nigam Ltd Suffers Data Breach, Threat Actor Claims Access to Sensitive Information

Bharat Sanchar Nigam Ltd has suffered a data breach, with a threat actor claiming to have accessed sensitive information, including international mobile subscriber identity (IMSI) numbers, SIM card details, home location register data, and critical security keys, digital risk management firm Athentian Technology said in a report.

Breach Details

The breach, claimed by the threat actor known as “kiberphant0m”, involved over 278 GB of data from BSNL’s telecom operations, including server snapshots. This data can be misused for SIM cloning and potentially more severe criminal activities like extortion, according to Athentian Technology CEO Kanishk Gaur.

This is the second data breach instance for the state-owned telecom operator in six months, with the first one reported in December last year. The threat actor in this instance has publicly priced the data at $5,000 and deemed it as “complex and critical.”

Security Concerns

The compromised data could be used for launching more sophisticated cyber-attacks, not just on BSNL but on other interconnected systems and networks, posing risks to national security. Attackers could bypass security measures on financial accounts, leading to financial losses and identity theft for users.

BSNL is urged to initiate an urgent investigation, secure network endpoints, audit access logs, and implement enhanced security measures, including frequent security audits and advanced threat detection technologies, as advised by Gaur.

Previous Breach and Current Situation

In last year’s breach, a threat actor under the alias “Perell” disclosed a “sample dataset” on a dark web forum, compromising sensitive details of BSNL’s fibre and landline users. The latest breach involves data distinct from the previous dataset, focusing more on telecom operations than user information.

- Advertisement -spot_img

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

- Advertisement -spot_img

Latest article