Are BSNL Gates Cankering?

BSNL was breached a second time, and this time the hackers walked away with 278 GB of sensitive data from the state-owned telecom major.

Cybercriminals hit Bharat Sanchar Nigam Ltd for the second time in six months, and this time they pilfered far more alarming stuff than just user data. India’s state-owned telecom behemoth has been targeted by a threat actor, “kiberphant0m”, who claimed to have accessed the company’s sensitive operational data, including international mobile subscriber identity numbers, SIM card information, home location register data and critical security keys. Athenian Tech got wind of the breach, investigated it and notified the proper authorities about it.

The severity of the heist. Once the hackers got access to BSNL’s systems, they exfiltrated more than 278 GB of sensitive data, including the company’s server snapshots: data of a nature so complex and critical that it surpasses typical user information and targets the very core of BSNL’s operational systems. The threat actor publicly offered this stolen data for sale for $5,000 – a flagrant display of intent that demonstrates just how emboldened these nefarious elements have become.

The method. The bad actors behind this breach have not only stolen the company’s sensitive data but have also reportedly gained the means to inflict cascading damage. Access to SIM card information and authentication keys would allow the attackers to clone SIM cards, bypass security measures on financial accounts and mount far more sophisticated attacks on BSNL’s infrastructure. If exploited, the compromised credential repository could open the floodgates to identity theft, financial fraud and extortion of millions of ordinary Indian citizens who depend on BSNL’s network every single day.

The wake-up. BSNL needs to launch an urgent probe to assess and contain the breach, secure its network endpoints and conduct a thorough audit of access logs without delay. The fact that we’re seeing a second breach in six months at the state-owned behemoth indicates serious failures in endpoint security, access controls and data handling protocols that can no longer be ignored. When the vault of a nation’s largest state-owned telecom operator is broken open not once but twice in the same year, it could open the floodgates of destruction for millions who never even knew why and how they were at risk.
