DailyPost 2862
BSNL – MASSIVE DATA BREACH
Telcos are turning out to be the new cyber battleground, for the nature of likely access the hacked data can provide. Globally, the telecommunications companies are on the radars of hackers, their databases in need of heightened cyber security. How they go about it is another story. Are they in any way inclined to bear the capital cost that it would entail. Close on the heels of the recent Airtel leak, now there is news of massive data breach hits BSNL. The Union government has confirmed a data breach in BSNL, which was reported in May, 2024. This reply came in response to a query from Congress MP Amar Singh in the Lok Sabha.
To its credit, the Computer Emergency Response Team (CERT-In) has identified a potential intrusion and a data breach in BSNL. It was stated that the breach did not lead to any service outages. The data shared by CERT-In was similar to data contained in the BSNL server. Athenian Tech, a London based firm’s report indicates that the incident involved a significant amount of sensitive data. The sensitive data includes International Subscriber Identity (IMSI) numbers, SIM card information, and Home Location (HLR) details.
All this data being of critical nature can provide hackers with an entry point into BSNL’s networks. It could potentially allow them to clone SIM cards of users. This capability can be extremely dangerous as it provides the hackers with the capability to intercept communications, access private information, and potentially disrupt service. The BSNL breach has brought home the growing threats to cyber security within India’s telecom sector. There is no denying the fact that the current immediate impact on services was minimal. What one is bothered about is the potential for significant exploitation of the compromised data.
To avoid any eventuality of this nature in future, an inter-ministerial committee has been established to conduct a thorough audit of telecom networks. They would also recommend measures to prevent future data beaches. BSNL hack apart which prompted this nature of action, recent reports alleged that the personal details of 375 million Airtel customers were available for sale on the dark web. The breach was orchestrated by threat actor ‘xenZen’, “who allegedly listed the database on a dark web forum, seeking USD 50,000 for the information. Tough times ahead for telcos, if they don’t put their acts together.
TELCOS ARE NOW ON THE HACKERS RADAR FOR OBVIOUS REASONS.
Sanjay Sahay
Have a nice evening.