‘Perell’ imperils BSNL, steals data, showcases sample on dark web

The immediate implication is the people whose data have been obtained can become exposed to phishing attacks and/or financial fraud

  • Last Updated : May 17, 2024, 14:11 IST

Data thieves are striking it rich. Public sector telco Bharat Sanchar Nigam Ltd (BSNL) has become the victim of a cyberattack that has penetrated its defences and obtained what is being described as “critical information” of a large number of users of the utility, The Economic Times has reported.

The immediate implication: the people whose data have been obtained can become exposed to phishing attacks and/or financial fraud.

The thief has gone a step further and is highlighting a “sample dataset” on the dark web. According to the report, it features details of fibre and landline users of BSNL.

The miscreant has claimed that he/she has obtained a total of 2.9 million lines of data. The data stolen by this entity includes a wide array of information such as phone numbers, email addresses, billing information and data on mobile outage records, network details, completed orders, and customer information.

“This poses an imminent threat to the privacy and security of BSNL customers which is considered critical infrastructure,” a person aware of the mishap told the newspaper, which reviewed the sample data set. The report also mentioned that CERT-In, India’s nodal agency for responding to computer security breaches, has been informed.

Independent experts, too, pointed out the threats.

“The hacker claims the number of rows of data to be around 2.9 million, which indicates a high probability that it is a single website that may have been breached. Additionally, the sample data structure available on the dark web points to possible exploitation of a SQL (Structured Query Language) Injection vulnerability,” said Saket Modi, cofounder and CEO of Safe Security, a cyber risk management startup.

Modi is not alone. “The recent data breach at BSNL is deeply concerning. This incident has far-reaching implications for both BSNL and its users. The breach, involving sensitive information, not only compromises the privacy of the users but also places them at risk of identity theft, financial fraud, and targeted phishing attacks,” said Kanishk Gaur, who is a cyber security expert and founder of India Future Foundation. The foundation is a think tank engaged in the study of internet safety and cybersecurity.

Modi thinks the attack could have been carried out by an individual and not by an organised group.

Incidentally, SQL injection is a common attack vector in which SQL code is used to manipulate a backend database and access information. It can expose data that is not displayed.

Modi said that in the same thread the hacker also mentioned that he has data from the Russian social media site noomera.ru, a Cambodia Khmer citizen database, playthe.net, and lanichost.la.

What can BSNL do now? Gaur insisted on immediate and transparent measures to tackle this sensitive breach. He said the telco should conduct a thorough examination of the attacks and its defences and erect a robust cyber defence framework.

Only about a month ago, it was reported that the Taj Hotels Group suffered a cyberattack where the miscreant claimed to have obtained 1.5 million customer data.

Gaur also stressed training employees in the best practices of cyber-secure behaviour. “Employee training in cybersecurity awareness is also crucial, as human error often plays a significant role in such breaches. Additionally, BSNL should establish a swift incident response mechanism to effectively deal with future cybersecurity threats,” emphasised Gaur.

Published: December 22, 2023, 13:10 IST