BSNL data loss lays bare telcos’ chinks
The sale of highly sensitive BSNL data on dark web forums has exposed the vulnerability of Indian telecom services to cyber-attacks, undermined national security and infrastructure stability, and disrupted communication networks, according to cyber security experts.
The shocking revelation of a data breach at state-run telecom provider Bharat Sanchar Nigam Limited (BSNL) by ‘kiberphant0m’, who had prolonged access to the systems, has affected several million subscribers.
The deep penetration of the BSNL systems, facilitated by exploiting software vulnerabilities and using sophisticated social engineering techniques, has exposed the vulnerabilities of BSNL servers, allowing attackers to study the infrastructure setup, exploit the network and inject malicious code.
The 140GB data breach includes IMSI and SIM details, HLR data, DP Card Data, DP Security Key Data, master keys, and SOLARIS server snapshots, which could be used for SIM cloning to intercept calls and messages, including OTPs, bypass two-factor authentication, access bank accounts, and carry out cyber crimes and extortion rackets.
The nature and volume of the compromised data – available for sale on the darknet for $5,000 – suggest kiberphant0m had prolonged access to BSNL's network and systems, officials said.
BSNL had reported a similar data breach in December 2023, but the latest breach has more detailed user information and datasets related directly to telecom operations.
“The breach has set a dangerous precedent of encouraging further attacks on other critical infrastructure sectors. The detailed operational data that has been compromised could be used to launch more sophisticated cyber-attacks, targeting other interconnected systems and networks,” an intelligence official said.
The Ministry of Communications & Information Technology has asked for a detailed report on the data breach and the exploitation of known vulnerabilities within BSNL’s server infrastructure, and has ordered a comprehensive forensic investigation to identify the vulnerabilities exploited so that rigorous patch management and security updates can follow.
Shocking breach at state-run telecom provider has affected several million subscribers in the country