Sensitive user info hawked on dark web post BSNL data breach
BSNL) has allegedly suffered a data breach as a threat actor has claimed to have “critical information” pertaining to the company’s users, ET has learnt.
The threat actor using the alias ‘Perell’ has disclosed a “sample dataset” on a dark web forum, including sensitive details of fibre and landline users of BSNL. The dataset contains about 32,000 lines of data and the threat actor claimed that the total number of lines across all databases amounts to approximately over 2.9 million.
Elevate Your Tech Prowess with High-Value Skill Courses
Offering CollegeCourseWebsiteNorthwestern UniversityKellogg Post Graduate Certificate in Product ManagementVisitIIM LucknowIIML Executive Programme in FinTech, Banking & Applied Risk ManagementVisitIIT DelhiIITD Certificate Programme in Data Science & Machine LearningVisitThe compromised data include email addresses, billing details, contact numbers, and other sensitive data besides information about mobile outage records, network details, completed orders, and customer information, a person aware of the development told ET.
“This poses an imminent threat to the privacy and security of BSNL customers which is considered critical infrastructure,” the person said.
ET has reviewed the sample data set and found details like a customer’s district being mentioned.
Cybersecurity watchdog Cert-In has been apprised of the attack, the person quoted above said.
Also read | Over 1 lakh cyber security incidents in govt organisations this year
Queries sent to BSNL and Cert-In remained unanswered as of press time Thursday.
“The recent data breach at BSNL is deeply concerning,” said Kanishk Gaur, cyber security expert and founder of India Future Foundation, a think tank working on internet
