Millions of Users at Risk of SIM Cloning and Financial Frauds after 278GB Data Leak

Bharat Sanchar Nigam Limited (BSNL) has recently fallen victim to a significant data breach, with a threat actor claiming to have accessed sensitive information.

According to reports from digital risk management firm Athenian Technology, the compromised data includes international mobile subscriber identity (IMSI) numbers, SIM card details, home location register data, and essential security keys.

The breach was brought to light by The Economic Times, quoting Kanishk Gaur, CEO of Athenian Technology. Gaur identified the threat actor responsible for the breach as ‘kiberphant0m,’ who reportedly gained access to over 278GB of data from BSNL’s telecom operations.

This data, which includes server snapshots, could potentially be used for activities like SIM cloning and extortion, posing serious risks.

The threat actor has placed a value of $5,000 on the compromised data. The breach is considered complex and critical, targeting BSNL’s core operational systems rather than just user data. The extensive operational data obtained could facilitate more sophisticated cyber-attacks, posing significant risks not only to BSNL but also to interconnected systems and networks, highlighting a critical national security concern.

Access to SIM card data and authentication keys could enable attackers to bypass security protocols on financial accounts, potentially resulting in financial losses and identity theft for users. Gaur stressed the need for BSNL to promptly investigate the breach and take steps to secure network endpoints and audit access logs.

This incident follows a previous data breach in December of the previous year, where a threat actor known as ‘Perell’ disclosed a dataset containing sensitive information about BSNL’s fiber and landline service users on a dark web forum. The dataset revealed details like email addresses, billing information, contact numbers, mobile outage records, network specifics, completed orders, and customer profiles, totaling 2.9 million data entries across all databases.

In this latest breach, the threat actor has confirmed that the data for sale is distinct from previously sold datasets focusing on user data, underscoring the evolving threats faced by BSNL and the crucial need for robust cybersecurity measures.
