BSNL faces major data breach; sensitive information compromised

Bharat Sanchar Nigam Limited (BSNL), one of the largest public sector organizations providing a comprehensive range of telecom services in India, including landline, mobile, and broadband services, has been hit by a significant data breach, with a cybercriminal claiming to have accessed 278 GB of sensitive operational data.

 

This breach includes international mobile subscriber identity (IMSI) numbers, SIM card specifics, home location register data, and critical security keys. The incident was reported by digital risk management firm Athenian Technology, which identified the threat actor as ’kiberphant0m’.

 

Highlighting the severe implications of the breach, Kanishk Gaur, CEO of Athenian Technology, stated that the compromised data includes server snapshots that could facilitate SIM cloning and other criminal activities such as extortion. The threat actor has valued the stolen data at $5,000.

 

This is not the first time BSNL has faced such an issue. In December last year, a threat actor named ’Perell’ leaked a dataset containing 32,000 lines of sensitive information from BSNL’s fiber and landline services on a dark web forum. This earlier breach exposed email addresses, billing information, contact numbers, network specifics, mobile outage records, and customer profiles, totaling 2.9 million data entries across all databases.

 

Gaur emphasized the critical national security risks posed by the latest breach. Access to SIM card data and authentication keys could allow attackers to bypass security protocols on financial accounts, leading to financial losses and identity theft. He urged BSNL to conduct an urgent investigation to assess and contain the breach, recommending immediate steps such as securing network endpoints and auditing access logs.

 

The situation is particularly alarming given the Government of India’s 2020 mandate requiring all ministries and central autonomous bodies to use BSNL and MTNL services. This mandate implies that sensitive government communications and infrastructure could be at risk due to these cybersecurity lapses.

 

The breach also underscores the importance of robust cybersecurity measures as outlined in the Telecommunication Act 2023, Section 22 of the Act, effective June 26, allows the government to implement measures to protect telecommunication networks and services. These measures may include collecting, analyzing, and disseminating traffic data within telecommunication networks to ensure cybersecurity.