Skip to content

Government confirms BSNL breach; forms committee to investigate

  • by
  • 3 min read

Photo: mrinalpal / Shutterstock.com

The government of India confirmed the data breach involving Bharat Sanchar Nigam Limited (BSNL) in the Lok Sabha on Wednesday. Minister of State for Communications, Pemmasani Chandra Sekhar, detailed the government’s response, including forming an interministerial committee tasked with auditing telecom networks and recommending preventive measures against future breaches.

The Indian Computer Emergency Response Team (CERT-In) had initially reported the possible intrusion on May 20.

Minister Shekhar acknowledged the breach and outlined steps to mitigate the damage and prevent recurrence. The interministerial committee will thoroughly audit telecom networks, scrutinising existing security protocols and identifying vulnerabilities.

Their mandate includes suggesting comprehensive measures to bolster data security across all state-run and private telecom operators.

“No breach in Home Location Register (HLR) of Telecom Network has been reported by Equipment Manufacturer, hence no service outage in BSNL’s network,” Minister Shekhar wrote in response to a question by Congress MP Amar Singh. “However, as a remedial measure to prevent such probable breach, BSNL has taken steps, i.e. access passwords to all similar FTP servers have been changed, and instructions to maintain air-gap for End Points have been issued.”

A cyberattack attributed to the hacker group known as ‘kiberphant0m’ resulted in a significant data breach at BSNL. The incident led to the unauthorised access and exfiltration of more than 278 gigabytes of confidential information from the company’s computer systems.

Photo: Westock Productions / Shutterstock.com
Photo: Westock Productions / Shutterstock.com

The compromised data encompassed a wide range of sensitive details, including subscribers’ IMSI numbers, information related to SIM cards, various security codes and keys, and even images captured from BSNL’s SOLARIS server infrastructure. This breach exposes customers to privacy risks and could have far-reaching consequences for the telecom provider’s operations and reputation.

The extent of the breach is significant, potentially affecting millions of BSNL subscribers. The stolen data was sold on the dark web for $5,000. SIM cloning, one of the potential malicious activities, can lead to intercepted communications, unauthorised access to bank accounts, and other forms of identity theft.

The exposure of Solaris server snapshots and Home Location Register (HLR) details further exacerbates the threat, allowing attackers to manipulate network settings and conduct unauthorised surveillance.

Furthermore, BSNL’s role in India’s defence establishment heightened the stakes of this breach.

In the News: Secure Boot isn’t secure on hundreds of devices from top manufacturers

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me

>