In a shocking revelation, India's state-owned telecom giant, Bharat Sanchar Nigam Ltd (BSNL), has reportedly fallen victim to a significant data breach, potentially jeopardizing the sensitive information of thousands of users. The breach, reportedly orchestrated by a threat actor known as "Perell," has sent shockwaves through the cybersecurity landscape, and the reported use of a SQL injection technique has raised concerns.
According to reports, the threat actor has claimed access to "critical information" related to BSNL's fibre and landline users. The breach involves a substantial sample dataset shared on the dark web, comprising sensitive details such as email addresses, billing information, contact numbers, and other crucial data. Notably, the dataset also includes mobile outage records, network details, completed orders, and comprehensive customer information.
The hacker, posting under the alias "Perell," has shared approximately 32,000 lines of data as a sample, with a staggering claim of possessing around 2.9 million lines across all databases. The gravity of the situation is underscored by the potential risks to user privacy, considering the nature of the compromised information.
The breach poses an imminent threat to the privacy and security of BSNL customers, raising concerns about identity theft, financial fraud, and targeted phishing attacks. The compromised information, including critical infrastructure details, has far-reaching implications for both BSNL and its user base.
Indian cybersecurity watchdog CERT-In has been alerted to the hacking attack, though BSNL is yet to publicly acknowledge the breach. The severity of the incident has prompted concerns among cybersecurity experts and industry insiders.
Kanishk Gaur, a cybersecurity expert and founder of India Future Foundation, expressed deep concern about the breach, highlighting its implications for both BSNL and its users. He emphasized the need for immediate action to mitigate potential risks.
The BSNL data breach has sparked discussions about its potential connection to a 2018 intrusion, where a SQL injection in BSNL's intranet website compromised information on thousands of employees. While the authenticity of the recent breach is yet to be verified, experts are drawing parallels with past incidents.
Saket Modi, co-founder and CEO of Safe Security, shed light on the potential nature of the breach. He suggested that the hacker's claim of 2.9 million lines of data points to a high probability of a single website being breached. The possibility of a SQL injection vulnerability was also raised, a class of flaw in which crafted input lets an attacker manipulate the backend database.
No confirmation or denial of the breach has been received at the time of writing. The claims surrounding the BSNL data breach remain unverified, leaving users and industry stakeholders in suspense.
As the cybersecurity community awaits official confirmation, the BSNL data breach serves as a stark reminder of the persistent threats faced by critical infrastructure providers. The incident highlights the urgent need for robust cybersecurity measures to safeguard sensitive user information and protect against evolving cyber threats, with the reported use of a SQL injection technique adding a layer of complexity to the unfolding narrative. Stakeholders will be closely watching for updates and responses from BSNL and relevant authorities to address the aftermath of this critical cybersecurity incident.