BSNL, also known as Bharat Sanchar Nigam Ltd, has experienced a data breach. According to reports, hackers are selling stolen data belonging to thousands of BSNL internet and landline users on the dark web.
According to a report by ET, a serious issue involving a hacker named “Perell” has been brought to light on the dark web. This hacker claims to have obtained critical information about users of BSNL’s services, specifically those using fibre and landline connections in India.
Operating under the alias “Perell,” the hacker has made a portion of the stolen data available on the dark web. This dataset contains sensitive information such as email addresses, billing details, contact numbers, and other private data associated with BSNL’s fibre and landline users. Furthermore, it appears that more crucial information, including mobile service outage records, network specifics, completed orders, and customer information, has also been compromised.
An anonymous source familiar with the situation has emphasized the severity of this breach, stating that it poses an immediate threat to the privacy and security of BSNL customers. The data shared by the hacker consists of approximately 32,000 lines of information. However, “Perell” claims to have obtained around 2.9 million lines of data from all databases, including district-wise details of BSNL customers.
BSNL has not publicly acknowledged this breach, but it has been reported that the Indian cybersecurity agency Cert-In has been informed about the incident. Kanishk Gaur, a cybersecurity expert and founder of India Future Foundation, has expressed deep concern about the breach. He has emphasized that this event could have far-reaching consequences for both BSNL and its users. Gaur has highlighted the severity of the breach, stating that it not only puts user privacy at risk but also exposes them to dangers such as identity theft, financial fraud, and targeted phishing attempts.
Given the gravity of the situation, it is imperative for BSNL and the relevant authorities to take immediate action. They must work together to mitigate the risks and protect the affected users from potential harm resulting from the compromised data.