ADVERTISEMENT
Bharat Sanchar Nigam Ltd (BSNL) has reportedly experienced a data breach, where a threat actor identified as "kiberphant0m" claims to have infiltrated their systems, according to a report. The breach has allegedly compromised sensitive information such as IMSI numbers, SIM card details, home location register data, and critical security keys, a latest report by Athentian Technology, a digital risk management firm, claims.
The data breach allegedly compromised more than 278 GB of data from BSNL’s telecommunications operations. This includes server snapshots that could potentially be used for activities like SIM cloning and extortion, highlighting the severity of the breach.
The breach could enable attackers to intercept communications, access financial accounts, and perpetrate fraud, the report says. Additionally, unauthorised access to telecom operations could lead to service disruptions and compromised infrastructure stability, impacting both users and national security, it adds.
August 2025
As India continues to be the world’s fastest-growing major economy, Fortune India presents its special issue on the nation’s Top 100 Billionaires. Curated in partnership with Waterfield Advisors, this year’s list reflects a slight decline in the number of dollar billionaires—from 185 to 182—even as the entry threshold for the Top 100 rose to ₹24,283 crore, up from ₹22,739 crore last year. From stalwarts like Mukesh Ambani, Gautam Adani, and the Mistry family, who continue to lead the list, to major gainers such as Sunil Mittal and Kumar Mangalam Birla, the issue goes beyond the numbers to explore the resilience, ambition, and strategic foresight that define India’s wealth creators. Read their compelling stories in the latest issue of Fortune India. On stands now.
This incident marks the second breach within six months for the state-owned telecom operator. The threat actor has offered this data for sale at $5,000, emphasising its complexity and critical nature, surpassing typical user information and targeting BSNL’s core operational systems. This "special pricing" was available from May 30 to May 31, 2024, highlighting the heightened value of the compromised data due to its sensitivity and broad scope.
In December last year, a threat actor named 'Perell' released a dataset on a dark web forum, revealing sensitive information about BSNL’s fibre and landline service users. The dataset, consisting of 32,000 lines, exposed email addresses, billing information, contact numbers, and also included data on mobile outage records, network specifics, completed orders, and customer profiles. 'Perell' claimed the total number of data entries across all databases amounted to 2.9 million.
Potential methods of exploitation and impacts:
SIM Cloning and Identity Theft:
SIM cloning involves creating a duplicate SIM card with the same IMSI and authentication keys as the original. If attackers have access to IMSI numbers and associated SIM authentication keys (as claimed), they can potentially clone SIM cards. This process might involve using specialised software and hardware to write stolen IMSI and key data onto blank SIM cards.
Once cloned, a SIM card can be used to intercept messages and calls, bypassing two-factor authentication, accessing bank accounts, and committing fraud under another person’s identity. This not only compromises personal security but can also lead to significant financial losses for the victims.
"BSNL should initiate an urgent investigation to assess and contain the breach. Immediate steps include securing network endpoints and auditing access logs. Secondly, implementation of enhanced security measures, including frequent security audits and the adoption of advanced threat detection technologies," Athentian Technology says in its recommendations.
"BSNL users monitor their accounts for unusual activity, enable two-factor authentication on all accounts, and remain vigilant against phishing and social engineering attacks. They urge BSNL to promptly contain the breach, secure network endpoints, conduct thorough security audits, and implement advanced threat detection technologies to mitigate further risks," it added.
Fortune India is now on WhatsApp! Get the latest updates from the world of business and economy delivered straight to your phone. Subscribe now.