Bharat Sanchar Nigam Limited (BSNL) has reportedly suffered a data breach, with the threat actor involved claiming to be in possession of sensitive customer and operational data. The servers of the state-owned telecommunications service provider were attacked, and the hackers now have SIM card information, home location register (HLR) information and critical security keys related to the server, according to a report. It said the stolen data can be misused to carry out criminal activities like SIM card cloning, identity theft and even extortion.
Threat actor reportedly breaches BSNL servers
Citing a data breach report from digital risk management firm Athenian Tech, News18 reports that the threat actor behind the cyber attack is called “cyberphant0m”. It appears to be the hacker’s dark web forum username. It cannot be confirmed whether the data breach was carried out by an individual or a group of hackers.
According to the report, around 278 GB of data was compromised from BSNL’s telecom operations. The breached data reportedly goes beyond user data and includes server snapshots that can be used to carry out further attacks and create serious security risks. The threat actor claims to have critical data such as International Mobile Subscriber Identity (IMSI) numbers, SIM card details, PIN codes, authentication keys and more. It also reportedly includes snapshots of BSNL’s SOLARIS servers.
The threat actor reportedly offered to sell the breached data for $5,000 (roughly Rs. 4.18 lakh). Speaking about the leaked data on a dark web forum, the hacker reportedly also discussed the possibility of misuse for criminal activities like SIM card cloning, identity theft and extortion.
“While the specific vulnerabilities exploited by ‘cyberphant0m’ have not been made public, access to critical systems such as the Home Location Register (HLR) and SOLARIS server snapshots indicates a deep penetration likely facilitated by exploiting software vulnerabilities or using sophisticated social engineering techniques. The inclusion of server snapshots suggests possible exploitation of known vulnerabilities within BSNL’s server infrastructure, highlighting the need for rigorous patch management and security updates,” Kanishk Gaur, CEO of Athenian Tech, told the publication.
The alleged data breach poses a serious threat to millions of BSNL customers whose sensitive data could have been compromised. Notably, the telecom operator suffered a similar data breach in December 2023. Gadgets 360 has reached out to BSNL for comment on the story, and we will update the article when we receive a response.