A hacker named Ellis is now selling thousands of internet and landline records from the telecom operator BSNL on the dark web, as a result of a data breach that saw the operator suffer a data breach in the recent past.
BSNL users' sensitive information, including email addresses, billing details, and contact numbers, has been compromised, raising concerns of identity theft, financial fraud, and targeted phishing attacks that target these individuals.
An excerpt from the stolen data has been posted on the dark web by the hacker.
There are sensitive details contained in the document, such as email addresses, billing details, contact details, as well as other private details, which are concerned with BSNL customers with fibre and landlines, raising concerns about identity theft, financial fraud, and targeted phishing attacks that target these individuals.
It appears that information like outage records for mobile phones, network details, information about completed orders, and personal information about customers is also compromised.
The hacker claimed that his data regarding BSNL's fibre and landline services in India was stolen.
The information that was stolen has already been revealed in part, which comprises some 32,000 lines of information relating to the theft.
The compromised data also included mobile outage reports, network information, orders that have been completed, and client details, as told to me by a source familiar with the situation familiar with the situation.
In a report circulated in the media, an unidentified individual expressed concerns over a potential data breach at Bharat Sanchar Nigam Limited, a company considered to be a critical infrastructure entity, which places the privacy and security of customers at risk.
It appears that the hack was carried out by an individual, rather than by an organization, according to Saket Modi, founder and CEO of Safe Security, a cyber risk management company.
Modi told in a report that there is a high probability that it is a single website that has been breached as the hacker claims that there are around 2.9 million rows of data in the database.
It should be noted that in addition to being able to exploit SQL Injection vulnerabilities, the sample data structure that was posted on the dark web could signal a potential attack.
BSNL has not acknowledged the data breach, but the cybersecurity watchdog Cert-in has been informed.
There was a significant breach of sensitive information, which Gaur highlighted as being extremely serious.
He has emphasized that this compromise is not just harmful to user privacy, but also puts them at increased risk of identity theft, financial fraud, and targeted phishing attacks due to the compromise of sensitive information.
As a result of the warning, comprehensive measures are urgently needed to deal with the potential fallout from this security lapse and to protect BSNL's users' interests and security from potential consequences.
This Cyber News was published on www.cysecurity.news. Publication date: Tue, 26 Dec 2023 13:43:05 +0000