Big Cybersecurity Breach
Cybersecurity has suffered from BSNL data breaches. This hack revealed 278 GB of sensitive data, including government employee phone records and security keys, putting Indian institutions at risk and exposing digital infrastructure gaps.
Breach Details
On May 29, hacker “kiberphant0m” released the material on BreachForums, a popular stolen data marketplace. Critical security keys, IMSI numbers, SIM card details, and HLR data were compromised. This security compromise exposed a Rs 1.3 trillion market to misuse and unlawful transactions.
Possible Effect
Federal employee phone records including durations and data consumption are leaked. This data could be utilized for SIM cloning and other crimes. It exposes government officials’ communications, endangering national security. Tracking users’ whereabouts and cloning SIM cards with IMSI numbers, which don’t reveal phone numbers, can lead to identity theft and data breaches.
Government Reaction
The Indian government has not addressed the breach, despite its gravity. All government ministries and departments had to use BSNL and MTNL for telecom in 2020. Official communications were safeguarded by this directive, making the breach problematic.
Analysis by experts
Digital risk management firm Athenian Technology warned of data-based blackmail. Cybersecurity expert Prateek Dubey stated, “It is practically impossible to catch every threat actor posting such data on these platforms as their numbers are increasing by the day.”
BreachForums: Permanent Risk
After several law enforcement seizures, data-leaking website BreachForums maintains operations. Conor Brian Fitzpatrick, 19, founded the data-trading site in March 2022. After Fitzpatrick’s arrest and brief ownership of the forum in May 2023, ‘ShinyHunter’ restored it, showing authorities’ problems shutting down such sites.
Past Events
Indian data was compromised on BreachForums. Rentomojo was ransomwared in May 2023 for 1.5 million Zivame subscribers’ data. Noteworthy data breaches include BSNL, CERT-In, and HawkEye, the Telangana Police website.
Conclusion
Public sector cybersecurity must be strengthened after the BSNL data breach. BreachForums breaches government data, exposing crimes and compromising national security. This incident underlines the vulnerability of our digital infrastructure and the importance of proactive cybersecurity as authorities fix the damage and prevent future breaches.