On May 27, a user with the nickname “Kiberphant0m” on the Breach Forums forum, a well-known forum among hackers, offered to sell data allegedly hacked from Bharat Sanchar Nigam Limited (BSNL) for $5000.
Bharat Sanchar Nigam Limited (BSNL) is India’s state telecommunications company that offers a wide range of communication services, including landline and mobile communications, Internet, and digital television. Established in 2000, BSNL plays a crucial role in the development of the country’s telecommunication infrastructure, catering to millions of subscribers across India, including remote and rural areas.
During a session in the Lok Sabha on Wednesday, the government acknowledged that the BSNL state server had been hacked. Earlier, on May 20, the Indian Computer Emergency Response Team (CERT-In) reported a possible breach and data leak at BSNL. It was discovered during the investigation that the data sample provided by CERT-In was “similar” to the data on one of BSNL’s storage servers.
Communications Minister Pemmasani Chandra Sekhar stated that an interdepartmental committee was established to audit telecommunication networks and suggest measures to prevent data breaches. After examination, it was determined that data resembling the samples from CERT-In were found on the File Transfer Protocol (FTP) server. Manufacturers of the equipment did not confirm any data leak from the Home Location Register (HLR) telecommunication network, indicating no disruption in BSNL’s network.
To prevent similar incidents, BSNL has taken action by changing passwords access to all FTP servers and issuing guidelines to ensure endpoint isolation.
The data allegedly hacked, according to “Kiberphant0m,” includes International Mobile Subscriber Identifier (IMSI), SIM cards, HLR (a registry of all active mobile network users with call data and number transfer history), and other information.
Publication HT contacted two subscribers whose numbers were in the data sample, both confirmed to be BSNL users. However, further verification of data was not possible as the subscribers did not recollect call details or balance refills. HT attempted to contact KiberPhant0m through Telegram to inquire about continued access to BSNL servers.
The government remains vigilant in safeguarding telecommunication networks and implementing strategies to prevent similar breaches in the future.