In an unfortunate turn of events, BSNL has suffered a data breach. This is the second time in six months, and this time, the data has been priced at $5000 for anyone to purchase. According to Athentian Technology, BSNL data breach has led to the threat actor getting access to sensitive user data such as SIM card details, international mobile subscriber identity (IMSI), home location, and critical security keys. The threat actor goes by the name "kiberphant0m" got more than 27.8GB of data from BSNL.
This data can be misused by anyone to create duplicate SIM cards, and also indulge in other criminal activities such as extortion, and more. Another such attack took place in December last year.
Read More - BSNL Reduces Validity of Rs 88 Plan
The nature of the data that has been accessed by the threat actor is "critical". The data leak can also be a threat to national security, as it can be used to target BSNL and other interconnected systems and networks. Having SIM information and authentication keys can also enable hackers to get access to financial accounts, leading to financial losses for the customers.
This is a sad development for BSNL, which is trying to win the confidence of Indian customers by rolling out homegrown 4G throughout the country. Two attacks in six months can lead to a severe loss of security trust in the minds of users. Private telecom operators, on the other hand, have implemented stringent security systems to ensure that none of their data can be hacked into.
Read More - BSNL Raised Rs 40 Crore by Selling Land Parcels in Andhra Pradesh: Report
BSNL needs to invest the same level of resources as the private telcos to ensure that its networks can't be breached. The state-run telecom operator will have to take quick measures to ensure that this data breach doesn't result in something bigger than what it already is.
