The state-owned telecommunications operator Bharat Sanchar Nigam Ltd (BSNL) is reported to have experienced a data breach, with a threat actor named ‘Perell’ claiming possession of “critical information” related to the company’s users, according to ET sources. The alleged breach involves the disclosure of a ‘sample dataset’ on a dark web forum, comprising sensitive details of BSNL’s fibre and landline users.
The sample dataset consists of about 32,000 lines; the threat actor claims it represents a total of over 2.9 million lines across all databases. The compromised data includes email addresses, billing details, and contact numbers, as well as information on mobile outage records, network details, completed orders, and customer information.
All About BSNL Data Breach
The breach is considered a significant threat to the privacy and security of customers of BSNL, which is identified as critical infrastructure, with concerns raised about potential consequences such as identity theft, financial fraud, and targeted phishing attacks. The sample dataset, reviewed by ET, reveals customer details such as their district. The cybersecurity watchdog CERT-In has reportedly been informed about the incident.
Kanishk Gaur, a cybersecurity expert, expressed deep concern about the breach, emphasizing its far-reaching implications for both BSNL and its users. Saket Modi, CEO of Safe Security, suggested that the breach might be an individual act rather than the work of an organized cybercriminal group, citing indications from the hacker about the number of compromised data rows.
The structure of the data made available on the dark web suggests possible exploitation of a SQL (Structured Query Language) injection vulnerability, a common attack vector for manipulating backend databases. Modi highlighted that the hacker claimed to possess data from other sources, including a Russian social media site, a Cambodia Khmer citizen database, and various domains.
Gaur stressed the importance of immediate and transparent actions by BSNL to address the breach, recommending continuous monitoring of the attack surface, robust cybersecurity frameworks, regular security audits, and employee training in cybersecurity awareness. This incident follows a data breach reported at the Taj Hotels Group less than a month ago.