The threat actor could potentially misuse the breached user data for SIM cloning, identity theft, and extortion.
The threat actor is reportedly selling the breached data for a price of $5,000 (roughly Rs. 4,18,000)
Photo Credit: Reuters
Bharat Sanchar Nigam Limited (BSNL) has reportedly suffered a data breach and the threat actor involved is allegedly claiming to have possessed sensitive user and operational data. The government-owned telecom provider's servers were attacked, and the hackers now possess SIM card details, home location register data, and server-related critical security keys, as per the report. It is said that the stolen data can be misused to carry out criminal activities such as SIM card cloning, identity theft, and even extortion.
Citing a data breach report by the digital risk management firm Athenian Tech, News18 reports that the threat actor behind the cyberattack goes by the name “kiberphant0m”. It appears to be the hacker's dark web forum username. It cannot be confirmed whether the data breach was conducted by an individual or a group of hackers.
As per the report, around 278GB of data was compromised from BSNL's telecom operations. The breached data is said to go beyond user data and includes server snapshots that can be used to carry out further attacks and create severe security risks. The threat actor claims to possess critical information such as International Mobile Subscriber Identity (IMSI) numbers, SIM card details, PIN codes, authentication keys, and more. Reportedly, it also includes snapshots of BSNL's SOLARIS servers.
The threat actor has reportedly offered to sell the breached data for $5,000 (roughly Rs. 4.18 lakh). Talking about the exposed data on a dark web forum, the hacker allegedly also discussed the possibility of misusing it for criminal activities such as SIM cloning, identity theft, and extortion.
“While the specific vulnerabilities exploited by ‘kiberphant0m' have not been publicly disclosed, access to critical systems like the Home Location Register (HLR) and SOLARIS server snapshots indicates a deep penetration likely facilitated by exploiting software vulnerabilities or using sophisticated social engineering techniques. The inclusion of server snapshots suggests possible exploitation of known vulnerabilities within BSNL's server infrastructure, emphasising the need for rigorous patch management and security updates,” Kanishk Gaur, CEO of Athenian Tech told the publication.
The alleged data breach poses a serious threat to millions of BSNL users whose sensitive information might have been compromised. Notably, the telecom operator suffered a similar data breach in December 2023. Gadgets 360 has reached out to BSNL for a comment on the story, and we will update the article once we receive a reply.
Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.