India BSNL data breach exposes 2.9 million user records to hackers

    BSNL, or Bharat Sanchar Nigam Limited, a government-funded telecommunications service provider operating nationwide in India, has recently fallen victim to a cyber attack resulting in the exposure of records belonging to more than 2.9 million users. The alleged perpetrator, a threat actor known as “Perell,” has claimed responsibility for the incident, stating that additional information will be leaked onto the dark web due to the company’s failure to meet their demands promptly.

    Despite the severity of the situation, the central public sector undertaking has not officially confirmed the attack on its servers. The organization has assured the public that it will provide further details after a thorough investigation conducted by the Government of India.

    Initial reports on the BSNL data breach suggested a ransomware attack, but Perell clarified on social media that the incident involved data siphoning and selling on the dark web rather than a ransomware infection.

    This is not the first time BSNL has faced cybersecurity challenges. In 2012, an Indian hacker targeted the Madhya Pradesh BSNL website, gaining access to the national network with disruptive intentions. A more serious incident occurred in July 2017, when malware was introduced into the central repository through the Karnataka telecom website. The malware aimed to disrupt modem operations nationwide, successfully affecting over 60,000 modems and causing weeks-long internet outages. Subsequent investigations led to a government probe, and BSNL issued advisories urging users to change default passwords on modems to prevent similar incidents.

    Technically struggling, BSNL finds itself teetering on the edge of closure and currently relies on funding from the BJP-led Narendra Modi Government to sustain its operations. The company’s inability to keep pace with private telecommunication competitors like Airtel, Jio/Reliance, and V! is attributed to slow adoption of 4G and 5G technology trends. Additionally, BSNL’s services have been criticized for their subpar quality across all states in the Indian Subcontinent, further contributing to its market decline.

    Ad
    Join over 500,000 cybersecurity professionals in our LinkedIn group "Information Security Community"!
    Naveen Goud
    Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

    No posts to display