BSNL Suffers Second Data Breach in 6 Months: 278GB of Sensitive User Info Exposed

  • By Farrukh Mushtaq

    Farrukh Mushtaq

    Author Image

    Farrukh Mushtaq, a digital marketer at PureSquare, possesses a keen interest in cybersecurity and enjoys writing about it. With several years of experience in the digital marketing industry, he brings expertise and passion to his work.

    See author profile
  • 28 June 2024
  • 5 mins read

Table of Content

Table of Contents

Bharat Sanchar Nigam Limited (BSNL), India's state-owned telecom company, suffered a catastrophic data breach that exposed 278 GB of sensitive user information. 

According to research, the disclosed data included important information such as International Mobile Subscriber Identity (IMSI) numbers, SIM card specifics, and even home location register data. 

This concerning event occurred only six months after a previous data leak in December 2023, raising severe worries about BSNL's cybersecurity procedures.

Who is Behind the BSNL Telecom Mega-Breach?

According to Kanishk Gaur, CEO of Athenian Technology: 

The data breach was caused by a malicious actor 'kiber phant0m', who comprised approximately 278 GB of data from BSNL's telecom operations. This includes server snapshots, which might be used for SIM cloning and other major illegal acts like extortion.

Gaur further added:

The state-owned telecom operator experienced a similar data leak in December of last year.

The threat actor behind the most recent hack has openly said that the compromised data is worth $5,000. The compromised data is defined as 'complicated and important', going beyond ordinary user information to target the key operational systems of BSNL.”

BSNL Frequent Data Breaches: From "Perell's Sample" to "KiberphantOm's Core Threat"

This is the second time in six months that the state-owned telecom operator has had a data leak. 

In December of last year, a threat actor using the identity "Perell" posted a "sample dataset" on a dark web forum, which included sensitive information about BSNL fiber and landline users. 

The dataset includes around 32,000 lines of data, with the threat actor claiming that the overall number of lines across all databases exceeds 2.9 million.

BSNL Coping Steps & Strategy to Counter Data Breach

Due to these hacking attempts, BSNL will likely strengthen its cybersecurity defenses. Immediate steps may include:

  • Conducting a thorough security audit
  • Strengthening data encryption
  • Implementing advanced threat detection systems.
  • Training employees on the latest cybersecurity practices.

Last month, the Ministry of Home Affairs' cybercrime unit launched the 'Pratibimb' app, which helps law enforcement hunt down cyber criminals in real-time.

The Department of Telecommunications also launched the Digital Intelligence Platform, which allows stakeholders to share real-time information, and the Chakshu portal, which allows users to report fraudulent messages.

BSNL Leak: Protect Your Data in the Age of Hacking!

The BSNL data leaks expose telecom vulnerabilities. This incident highlights the significance of attention for telecom providers and customers. 

While telecom providers must establish strong cybersecurity security measures, you can take proactive efforts to secure their data. 

You can avoid being a target victim of data breaches or identity theft by following the best privacy practices. 
Use PurePrivacy to secure your data from illegal access, unwanted prying eyes, and get added privacy on all platforms.