BSNL Breached Twice in a Year: A Deep Dive into the State-Owned Telecom’s Cybersecurity Woes

June 26, 2024 | Cybersecurity

By Ashwani Mishra, Editor-Technology, 63SATS

Bharat Sanchar Nigam Limited (BSNL), India’s state-owned telecommunications giant, finds itself in the crosshairs of cybercriminals once again.

A recent report by Athenian Tech revealed that BSNL has suffered a second significant data breach within a year, this time orchestrated by the elusive hacker known as “kiberphant0m”. The breach has exposed a staggering 278GB of sensitive information, potentially jeopardizing the privacy and security of millions of users.

Unveiling the Breach: What Happened?

According to the Threat Intelligence Report, the “kiberphant0m” hacker infiltrated BSNL’s data systems, compromising an extensive range of critical data. The breach involves:

  • International Mobile Subscriber Identity (IMSI) Numbers
  • SIM Card Information
  • Home Location Register (HLR) Details
  • DP Card Data
  • Snapshots of BSNL’s SOLARIS Servers

A report by Business Today states that this treasure trove of data has been put up for sale at $5,000 (approximately Rs 4,17,000), with the hacker providing samples to validate the data’s authenticity. The special offer was available for a brief window from May 30 to May 31, 2024.

A Recurring Nightmare: The December 2023 Breach

This is not the first time BSNL has been targeted. In December 2023, the company fell victim to another significant breach. A hacker going by the alias “Perell” infiltrated BSNL’s systems and released a dataset containing 32,000 lines of sensitive information on a dark web forum.

The leaked data included:

Email Addresses, Billing Details, Contact Numbers, Information on Fiber and Landline Users, Mobile Outage Records, Network Details, Completed Orders and Customer Information.

“Perell” claimed that the total compromised data spanned 2.9 million lines across multiple databases, putting the personal and financial details of BSNL’s customers at serious risk.

Implications of the Breach

The back-to-back breaches underscore a severe vulnerability in BSNL’s cybersecurity infrastructure. These incidents highlight the urgent need for enhanced security measures and protocols to protect sensitive user data. The exposed information could be exploited for various malicious activities, including identity theft, financial fraud, and targeted cyberattacks.

BSNL’s Response and Future Measures

In light of these breaches, BSNL is expected to ramp up its cybersecurity defenses. Immediate steps might include:

  • Conducting Thorough Security Audits
  • Strengthening Data Encryption
  • Implementing Advanced Threat Detection Systems
  • Regular Employee Training on Cybersecurity Practices

The telecom giant must also enhance its incident response strategy to swiftly and effectively mitigate any future breaches.

As India continues to digitalize rapidly, the stakes for securing critical infrastructure like BSNL have never been higher. These breaches serve as a stark reminder of the persistent threats facing large organizations and the importance of maintaining robust cybersecurity measures. For BSNL, the path forward involves not only repairing the damage from these incidents but also fortifying its defenses to safeguard against future attacks.

With the digital landscape evolving at an unprecedented pace, BSNL’s commitment to cybersecurity will be crucial in restoring trust and ensuring the security of its users.