The government on Wednesday admitted in the Lok Sabha that a server of the state-run Bharat Sanchar Nigam Limited (BSNL) was breached.
The Indian Computer Emergency Response Team (CERT-In) had reported a possible intrusion and data breach at BSNL on May 20. A probe later found that the sample of breached data shared by CERT-In was “similar” to the data on one of BSNL’s storage servers, the government said in Parliament.
The government has also formed an interministerial committee to audit telecom networks and suggest remedial measures to prevent data breaches, minister of state for communications Pemmasani Chandra Sekhar said in a written response to a question by Congress MP Amar Singh.
“CERT-In reported a possible intrusion & Data Breach at BSNL on 20.05.2024. The same was analysed and found that one File Transfer Protocol (FTP) server was having the data similar to the sample data shared by CERT-In. No breach in Home Location Register (HLR) of Telecom Network has been reported by Equipment Manufacturer, hence no service outage in BSNL’s network. However, as a remedial measure to prevent such probable breach, BSNL has taken steps i.e. access passwords to all similar FTP servers have been changed and instructions to maintain air-gap for End Points have been issued,” Sekhar wrote in his response.
On May 29, a user named ‘kiberphant0m’ had posted on Breach Forums, a well-known website for black-hat hackers to sell (or claim to sell) hacked data, that they had hacked data from BSNL and were willing to sell it for $5,000. This user claimed that the hacked data included IMSI number (International Mobile Subscriber Identity), SIM number, HLR (Home Location Register, a database with of all active users of a mobile network which includes details of their porting history, call routing details, etc.) and other details.
HT called two of the numbers given in the sample screenshot posted by the user and both numbers were BSNL numbers. could not verify the other details in the screenshot as the customers we called had forgotten details about duration of calls made in early May as well as recharge details. HT has also reached out to ‘kiberphant0m’ via the Telegram link given by the user (to negotiate price) to find out if they still have access to any BSNL servers.