The Union government has confirmed a data breach in Bharat Sanchar Nigam Limited’s (BSNL) systems, which was reported on May 20, 2024. This revelation came from Minister of State for Communications Chandra Sekhar Pemmasani, in response to a query from Congress MP Amar Singh in the Lok Sabha.
Details of the breach
The Indian Computer Emergency Response Team (CERT-In) has identified a potential intrusion and data breach at BSNL. Pemmasani confirmed that while the breach did not lead to any service outages, it was discovered that one BSNL server contained data similar to the sample data shared by CERT-In.
An inter-ministerial committee has been established to conduct a thorough audit of telecom networks and recommend measures to prevent future data breaches. This committee’s formation underscores the government’s commitment to strengthening the security of India’s telecommunications infrastructure.
Nature of the compromised data
A June report from Athenian Tech, a London-based technology firm, revealed new details about the breach. The report indicates that the incident involved a significant amount of sensitive data, including International Mobile Subscriber Identity (IMSI) numbers, SIM card information, and Home Location Register (HLR) details.
This data is critical as it can provide hackers with an entry point into BSNL’s networks, potentially allowing them to clone SIM cards of users. Such a capability could enable attackers to intercept communications, access private information, and potentially disrupt services.
Government’s response
The formation of an inter-ministerial committee is a proactive step by the government to address the breach. This committee will conduct a comprehensive audit of telecom networks and suggest remedial measures to prevent future breaches. Pemmasani emphasised the importance of securing telecom networks to protect sensitive user data and maintain the integrity of communication services.
Implications for BSNL and users
The breach at BSNL highlights the growing threats to cybersecurity within India’s telecom sector. While the immediate impact on services was minimal, the potential for significant exploitation of the compromised data remains a concern. The government’s swift action in addressing the breach and investigating the vulnerabilities is crucial in mitigating further risks. Users are advised to remain vigilant and monitor their accounts for any unusual activity.
Not an isolated event
Recently, reports surfaced alleging that the personal details of 375 million (37.5 crore) Airtel customers, including phone numbers, email addresses, residential addresses, and Aadhaar numbers, were available for sale on the dark web. The data breach was reportedly orchestrated by a threat actor known as ‘xenZen,’ who allegedly listed the database on a dark web forum, seeking USD 50,000 for the information.
Airtel strongly denied these allegations, dismissing them as a desperate attempt to tarnish the company’s reputation by vested interests. “We have conducted a thorough investigation and can confirm that there has been no breach whatsoever from Airtel systems,” an Airtel spokesperson stated.