Telecom giant Bharti Airtel has strongly denied allegations of a security breach following reports that a significant amount of customer data had been compromised. Rumours have circulated suggesting that details of 375 million (37.5 crore) Airtel customers, including their phone numbers, email addresses, residential addresses, and Aadhaar numbers, were allegedly available for sale on the dark web.
“There has been an ongoing report alleging that Airtel customer data has been compromised. This is nothing short of a desperate attempt to tarnish Airtel’s reputation by vested interests. We have done a thorough investigation and can confirm that there has been no breach whatsoever from Airtel systems,” an Airtel spokesperson stated.
The reports claimed that a threat actor identified as ‘xenZen’ had listed a database for sale on a dark web forum, seeking USD 50,000 for the information. The hacker also purportedly claimed to have successfully sold data from the Ministry of External Affairs’ diplomatic passport holders.
The dark web, known for its anonymity, is a part of the internet not indexed by conventional search engines like Google and is accessible only through specialised software like Tor (The Onion Router). While it can facilitate legitimate uses such as anonymous communication for activists, journalists, and whistleblowers, it is also notorious for illegal activities, including drug trafficking, illegal arms sales, and various forms of cybercrime.
Srinivas Kodali, a cyber security commentator in India, took to X, the platform previously known as Twitter, to express his concerns. He wrote, “Airtel has been hacked by a China-based threat actor. He listed 37.5 crore Airtel customers’ data, including their Aadhaar numbers, for sale. The actor who listed this data for sale on breach forums is now suspended on the forum. India’s Data Protection Act is still not active.”
These allegations highlight the ongoing challenges in data security and the need for robust protective measures. Despite Airtel’s assurance that its systems have not been breached, the incident underscores the importance of vigilance and transparency in safeguarding customer information.
As of now, Airtel customers are advised to remain cautious and monitor any unusual activity related to their personal information. The telecom company continues to emphasise that its systems are secure and that it will take all necessary steps to protect its customers’ data.
The broader implications of this alleged data breach are still unfolding, but it serves as a stark reminder of the vulnerabilities that exist in the digital age. Ensuring the integrity of customer data remains a top priority for companies, especially in light of increasing cyber threats globally.
