The BSNL data breach exposes sensitive information, including SIM card details and call logs.
BSNL Data Breach in Detail
The BSNL data breach was first disclosed by an Indian firm, Athenian Tech, in its threat intelligence report. According to the report, a threat actor, operating under the alias “kiberphant0m”, leaked a significant amount of sensitive data affecting millions of users.
The BSNL data breach reportedly involves critical data, including International Mobile Subscriber Identity (IMSI) numbers, SIM card information, Home Location Register (HLR) specifics, DP Card Data, and even snapshots of BSNL’s SOLARIS servers, which can be misused for SIM cloning.
The threat actor posted this information on the data hack site BreachForums and shared samples of the breach to legitimize the claim. Overall, around 278GB of sensitive information was claimed to be compromised.
The hacker also posted call log samples that exposed sensitive information such as users’ mobile numbers, the date and duration of calls, and the amount charged for each call in Indian Rupees. The call log samples were leaked in two sets: one for the month of May 2024 and another from 2020. The threat actor was selling the alleged stolen data for $5,000.
This data is critical, as it can provide hackers with an entry point into BSNL’s networks, potentially allowing them to clone SIM cards of users. Such a capability could enable attackers to intercept communications, access private information, and potentially disrupt services.
India’s Computer Emergency Response Team (CERT-In), the national agency for incident response, identified the potential intrusion and data breach at BSNL. Minister Pemmasani confirmed that while the breach did not lead to any service outages, one BSNL server was found to have data similar to the sample data shared by CERT-In.
“The same was analysed and found that one File Transfer Protocol (FTP) server had the data similar to the sample data shared by CERT-In. No breach into the Home Location Register (HLR) of the telecom network has been reported by the equipment manufacturer, hence no service outage in BSNL’s network,” the minister said.
The government has set up an inter-ministerial committee to conduct a detailed investigation of telecom networks. The committee will conduct a comprehensive audit of telecom networks and recommend measures to ensure that the country doesn’t face similar breaches in the future.
The Telecom Minister emphasised the importance of securing telecom networks to protect sensitive user data and maintain the integrity of communication services.
Implications of BSNL Data Breach
The breach at BSNL highlights the growing cybersecurity threats within India’s telecom sector. While there has been minimal impact on the telecom operator’s services, the potential for significant exploitation of the compromised data remains a concern. The government’s swift action in addressing the breach and investigating the vulnerabilities is crucial in mitigating further risks. Users should remain vigilant and monitor their accounts for any unusual activity.