Bharat Sanchar Nigam Restricted (BSNL) has reportedly suffered an information breach and the menace actor concerned is allegedly claiming to have possessed delicate consumer and operational knowledge. The federal government-owned telecom supplier’s servers had been attacked, and the hackers now possess SIM card particulars, house location register knowledge, and server-related crucial safety keys, as per the report. It’s stated that the stolen knowledge could be misused to hold out prison actions similar to SIM card cloning, identification theft, and even extortion.

Risk Actor Reportedly Breaches BSNL Servers

Citing an information breach report by the digital danger administration agency Athenian Tech, News18 reports that the menace actor behind the cyberattack goes by the identify “kiberphant0m”. It seems to be the hacker’s darkish net discussion board username. It can’t be confirmed whether or not the information breach was performed by a person or a gaggle of hackers.

As per the report, round 278GB of knowledge was compromised from BSNL’s telecom operations. The breached knowledge is alleged to transcend consumer knowledge and consists of server snapshots that can be utilized to hold out additional assaults and create extreme safety dangers. The menace actor claims to own crucial data similar to Worldwide Cellular Subscriber Identification (IMSI) numbers, SIM card particulars, PIN codes, authentication keys, and extra. Reportedly, it additionally consists of snapshots of BSNL’s SOLARIS servers.

The menace actor has reportedly provided to promote the breached knowledge for $5,000 (roughly Rs. 4.18 lakh). Speaking in regards to the uncovered knowledge on a darkish net discussion board, the hacker allegedly additionally mentioned the potential of misusing it for prison actions similar to SIM cloning, identification theft, and extortion.

“Whereas the precise vulnerabilities exploited by ‘kiberphant0m’ haven’t been publicly disclosed, entry to crucial programs just like the Dwelling Location Register (HLR) and SOLARIS server snapshots signifies a deep penetration seemingly facilitated by exploiting software program vulnerabilities or utilizing subtle social engineering strategies. The inclusion of server snapshots suggests potential exploitation of recognized vulnerabilities inside BSNL’s server infrastructure, emphasising the necessity for rigorous patch administration and safety updates,” Kanishk Gaur, CEO of Athenian Tech informed the publication.

The alleged knowledge breach poses a severe menace to thousands and thousands of BSNL customers whose delicate data may need been compromised. Notably, the telecom operator suffered the same knowledge breach in December 2023. Devices 360 has reached out to BSNL for a touch upon the story, and we’ll replace the article as soon as we obtain a reply.