In late 2023, concerns surfaced regarding a potential data breach at Bharat Sanchar Nigam Limited (BSNL), a major telecommunications provider owned by the Indian government. However, BSNL did not confirm these reports at the time. Recently, the issue has resurfaced after data purportedly from the unconfirmed BSNL data breach has again appeared on the dark web.
On April 24, 2024, a known threat actor named ‘Perell’, who was previously linked to the alleged 2023 BSNL data breach, released a database that reportedly belongs to BSNL. This database contains more than 2.9 million records and was originally part of an extortion scheme. In December last year, Perell claimed to have obtained sensitive BSNL data and threatened to use it against the company on the now-defunct BreachForums.
Despite the time elapsed, the threat to user privacy remains significant as Perell has made the supposedly stolen data publicly available, intensifying worries about the security of information and the potential implications for BSNL’s customers.
The 2024 BSNL Data Breach Claims Surfaces on BreachForums
Source: Dark WebThe leaked data, according to Perell’s post on the forum, includes sensitive information from BSNL, a major player in India’s telecommunications sector. While the exact reason for the resurfacing of data from 2023 is unknown, Perell shared a link on BreachForums for the stolen data, stating that the “following list of databases would be exfiltrated.â€
Discussions on BreachForums suggest that the recently leaked data, claimed to be from BSNL in 2024, actually dates back to 2023. Despite its age, the data remains a significant concern due to its large volume and sensitive nature. The decision to leak the same data again in 2024 is puzzling and raises questions about the motives behind this move.
The earlier post shared by the threat actor in December 2023.The seriousness of the situation is highlighted by the fact that the compromised data from 2023 was posted on the same forum without any clear evidence of communication between the hacker and Bharat Sanchar Nigam Limited (BSNL), and it’s uncertain whether a ransom was demanded or paid. Like the current incident, the original post focused solely on revealing the data of 2.9 million users, indicating a deliberate effort to exploit and profit from the breach.
The Cyber Express has reached out to the Indian telecommunication giant to learn more about the authenticity of the data being shared by the threat actor. However, at the time of writing this, no official statement or response has been shared, leaving the claims made by the threat actor stand unverified.Â
The Far-reaching Consequences of the BSNL Database Leak
Following initial reports of the BSNL data leak in December last year, experts expressed concerns about the implications of the incident.
Saket Modi, CEO of the cyber risk management startup Safe Security, commented to the Economic Times that the nature of the hack suggested it was likely carried out by an individual rather than an organization. Modi pointed out that the claim of approximately 2.9 million records being compromised suggested that the breach might involve a single website.
Additionally, Kanishk Gaur, founder of India Future Foundation, spoke to the Indian media about the wider consequences of the breach, emphasizing its significant impact on both BSNL and its customers.
The reappearance of data from last year’s BSNL data breach raises serious concerns. This leak threatens the personal and financial security of millions, potentially leading to identity theft and fraud. Notably, despite the breach first surfacing last year and reemerging now, BSNL has yet to confirm the incident, leaving the claims unverified.
The Cyber Express has contacted BSNL for comment and is currently awaiting their response. Updates to this story will be provided as more information becomes available.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
Source: Read More
