Bharat Sanchar Nigam Restricted (BSNL) has reportedly suffered an information breach and the menace actor concerned is allegedly claiming to have possessed delicate person and operational knowledge. The federal government-owned telecom supplier’s servers had been attacked, and the hackers now possess SIM card particulars, dwelling location register knowledge, and server-related important safety keys, as per the report. It’s stated that the stolen knowledge might be misused to hold out legal actions akin to SIM card cloning, identification theft, and even extortion.
Menace Actor Reportedly Breaches BSNL Servers
Citing an information breach report by the digital danger administration agency Athenian Tech, Information18 reviews that the menace actor behind the cyberattack goes by the title “kiberphant0m”. It seems to be the hacker’s darkish internet discussion board username. It can’t be confirmed whether or not the information breach was carried out by a person or a gaggle of hackers.
As per the report, round 278GB of knowledge was compromised from BSNL’s telecom operations. The breached knowledge is claimed to transcend person knowledge and consists of server snapshots that can be utilized to hold out additional assaults and create extreme safety dangers. The menace actor claims to own important info akin to Worldwide Cell Subscriber Id (IMSI) numbers, SIM card particulars, PIN codes, authentication keys, and extra. Reportedly, it additionally consists of snapshots of BSNL’s SOLARIS servers.
The menace actor has reportedly supplied to promote the breached knowledge for $5,000 (roughly Rs. 4.18 lakh). Speaking in regards to the uncovered knowledge on a darkish internet discussion board, the hacker allegedly additionally mentioned the potential of misusing it for legal actions akin to SIM cloning, identification theft, and extortion.
“Whereas the particular vulnerabilities exploited by ‘kiberphant0m’ haven’t been publicly disclosed, entry to important methods just like the Dwelling Location Register (HLR) and SOLARIS server snapshots signifies a deep penetration seemingly facilitated by exploiting software program vulnerabilities or utilizing refined social engineering strategies. The inclusion of server snapshots suggests doable exploitation of recognized vulnerabilities inside BSNL’s server infrastructure, emphasising the necessity for rigorous patch administration and safety updates,” Kanishk Gaur, CEO of Athenian Tech instructed the publication.
The alleged knowledge breach poses a critical menace to thousands and thousands of BSNL customers whose delicate info may need been compromised. Notably, the telecom operator suffered an identical knowledge breach in December 2023. Devices 360 has reached out to BSNL for a touch upon the story, and we are going to replace the article as soon as we obtain a reply.