Govt Confirms Data Breach At BSNL

Share via:


SUMMARY

The data breach was analysed and found that one FTP server had data similar to the sample data shared by CERT-In, MoS for communications said

The minister also said that the government has constituted an inter-ministerial committee to conduct an audit of the telecom networks and suggest remedial measures

The development comes a month after reports surfaced that hackers were selling 278 GB of sensitive data of BSNL users, including IMSI numbers and SIM card information

The Centre has said that there was a “possible intrusion and data breach” at state-owned telecom company Bharat Sanchar Nigam Ltd (BSNL) on May 20, 2024.

Responding to a question, minister of state (MoS) for communications Pemmasani Chandra Sekhar informed the Parliament that the Indian Computer Emergency Response Team (CERT-In) reported a possible data breach at BSNL to the government. 

“The same (data breach) was analysed and found that one file transfer protocol (FTP) server was having the data similar to the sample data shared by CERT-In. No breach into (the) home location register (HLR) of (the) telecom network has been reported by (the) equipment manufacturer, hence no service outage in BSNL’s network,” added Sekhar.

The MoS also said that the government, in response to the data breach, has constituted an inter-ministerial committee (IMC) to conduct an audit of the telecom networks and suggest remedial measures for prevention of data breaches in the telecom networks in the future.

Additionally, he said that the telecom operator has also taken steps to address these issues, including changing access passwords of all similar FTP servers and instructions to maintain air-gap for endpoints.

The development comes a month after reports surfaced that a major data breach at BSNL leaked critical user data, including international mobile subscriber identity (IMSI) numbers, SIM card information, home location register details, DP card data and even snapshots of BSNL’s SOLARIS servers. 

At the time, a report by Athenian Tech said that the hackers compromised over 278 GB of sensitive information of BSNL users, which could put millions of users at risk. The hack came to light after the hackers began selling the stolen data online on the dark web for $5,000 (roughly INR 4.17 Lakhs). 

“The attacker started selling the data on the dark web in the month of May. While they’re selling it for as low as $5,000, the potential impact could be in millions in terms of a cyber breach or stealing certain identifiable information,” Athenian Tech CEO Kanishk Gaur told Inc42 at the time. 

However, this is not the first time that BSNL has faced such an issue. In December 2023, another hacker claimed to have accessed personal information of BSNL users. 

This comes at a time when India is witnessing a big spurt in cybercrimes. Earlier in the day, the government informed the Parliament that CERT-In reported 23,158 “cyber security incidents” in 2023. It also said that the country saw 12,330 cases of “network scanning and probing”, 1,185 cases of “virus/malware incidents” and 401 phishing incidents last year. 

The Centre has taken a slew of steps to address the rise in such incidents. In May, the Ministry of Home Affairs’ cyber crime unit launched the ‘Pratibimb’ app to help law enforcement agencies track cybercriminals in real-time. 

Earlier, the telecom department also launched ‘Digital Intelligence Platform’ for real-time information sharing among stakeholders, and ‘Chakshu’ portal for reporting fraud communications.





Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Popular

More Like this

Govt Confirms Data Breach At BSNL


SUMMARY

The data breach was analysed and found that one FTP server had data similar to the sample data shared by CERT-In, MoS for communications said

The minister also said that the government has constituted an inter-ministerial committee to conduct an audit of the telecom networks and suggest remedial measures

The development comes a month after reports surfaced that hackers were selling 278 GB of sensitive data of BSNL users, including IMSI numbers and SIM card information

The Centre has said that there was a “possible intrusion and data breach” at state-owned telecom company Bharat Sanchar Nigam Ltd (BSNL) on May 20, 2024.

Responding to a question, minister of state (MoS) for communications Pemmasani Chandra Sekhar informed the Parliament that the Indian Computer Emergency Response Team (CERT-In) reported a possible data breach at BSNL to the government. 

“The same (data breach) was analysed and found that one file transfer protocol (FTP) server was having the data similar to the sample data shared by CERT-In. No breach into (the) home location register (HLR) of (the) telecom network has been reported by (the) equipment manufacturer, hence no service outage in BSNL’s network,” added Sekhar.

The MoS also said that the government, in response to the data breach, has constituted an inter-ministerial committee (IMC) to conduct an audit of the telecom networks and suggest remedial measures for prevention of data breaches in the telecom networks in the future.

Additionally, he said that the telecom operator has also taken steps to address these issues, including changing access passwords of all similar FTP servers and instructions to maintain air-gap for endpoints.

The development comes a month after reports surfaced that a major data breach at BSNL leaked critical user data, including international mobile subscriber identity (IMSI) numbers, SIM card information, home location register details, DP card data and even snapshots of BSNL’s SOLARIS servers. 

At the time, a report by Athenian Tech said that the hackers compromised over 278 GB of sensitive information of BSNL users, which could put millions of users at risk. The hack came to light after the hackers began selling the stolen data online on the dark web for $5,000 (roughly INR 4.17 Lakhs). 

“The attacker started selling the data on the dark web in the month of May. While they’re selling it for as low as $5,000, the potential impact could be in millions in terms of a cyber breach or stealing certain identifiable information,” Athenian Tech CEO Kanishk Gaur told Inc42 at the time. 

However, this is not the first time that BSNL has faced such an issue. In December 2023, another hacker claimed to have accessed personal information of BSNL users. 

This comes at a time when India is witnessing a big spurt in cybercrimes. Earlier in the day, the government informed the Parliament that CERT-In reported 23,158 “cyber security incidents” in 2023. It also said that the country saw 12,330 cases of “network scanning and probing”, 1,185 cases of “virus/malware incidents” and 401 phishing incidents last year. 

The Centre has taken a slew of steps to address the rise in such incidents. In May, the Ministry of Home Affairs’ cyber crime unit launched the ‘Pratibimb’ app to help law enforcement agencies track cybercriminals in real-time. 

Earlier, the telecom department also launched ‘Digital Intelligence Platform’ for real-time information sharing among stakeholders, and ‘Chakshu’ portal for reporting fraud communications.





Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi

More like this

FIFA, Mythical Games collaborate to launch blockchain game FIFA...

Mythical’s CEO John Linden anticipates that FIFA Rivals...

Hands-on with AirPods 4: better in every way

AirPods 4 are here, and they are awesome....

Popular

Upcoming Events

Startup Information that matters. Get in your inbox Daily!