BSNL Data Breach: State Telecom Giant Exposed on Hacker Forum

by do son · July 27, 2024

On May 27, a user with the alias “kiberphant0m” on Breach Forums, a site renowned among hackers, offered for sale data allegedly hacked from Bharat Sanchar Nigam Limited (BSNL) for $5000.

Bharat Sanchar Nigam Limited (BSNL) is India’s state-owned telecommunications company, providing a wide range of communication services, including landline and mobile telephony, internet, and digital television. Founded in 2000, BSNL plays a pivotal role in the development of the nation’s telecommunications infrastructure, serving millions of subscribers across India, including remote and rural areas.

On Wednesday, the government acknowledged in the Lok Sabha that BSNL’s server had been breached. On May 20, the Indian Computer Emergency Response Team (CERT-In) reported a possible intrusion and data leak at BSNL. The investigation revealed that the sample data submitted by CERT-In “similar” data on one of BSNL’s storage servers.

Communications Minister Pemmasani Chandra Sekhar disclosed that an inter-agency commission had been established to audit telecommunications networks and propose measures to prevent data leaks. According to him, the analysis indicated that the File Transfer Protocol (FTP) server contained data similar to the samples provided by CERT-In. Equipment manufacturers did not confirm any data leak from the Home Location Register (HLR) of the telecommunications network, thus there was no disruption in BSNL’s network.

BSNL has taken steps to prevent similar incidents: access passwords to all FTP servers have been changed, and instructions have been issued to ensure endpoint isolation.

The user “kiberphant0m” claimed that the hacked data included IMSI (International Mobile Subscriber Identity), SIM card numbers, HLR (a registry of all active mobile network users, including number portability history and call routing data), and other details.

HT contacted two subscribers using numbers presented in the sample data, both of which belonged to BSNL. However, verifying other data was not possible as the subscribers could not recall details of calls and balance top-ups. HT also reached out to “kiberphant0m” via Telegram to clarify if he still had access to BSNL’s servers.