On Wednesday, July 24, Union Minister of State for Communications Chandra Shekar Pemmasani revealed the breach at state-owned telecom operator Bharat Sanchar Nigam Limited (BSNL) in the Lok Sabha. The breach occurred on May 20, the Minister stated in a written response to a question raised by Congress MP Amar Singh.
The Minister stated that the Indian Computer Emergency Response Team (CERT-In), the primary organisation for dealing with cyber security incidents, discovered that one of BSNL's File Transfer Protocol (FTP) servers contained data comparable to the compromised data sample discovered during CERT-In's investigation.
“No breach in Home Location Register (HLR) of Telecom Network has been reported by the Equipment Manufacturer, therefore no service outage in BSNL’s Network,” claimed Pemmasani.
The centre government has formed an Inter-Ministerial Committee (IMC) to investigate telecom networks and recommend remedial actions to prevent future data breaches, the Minister revealed. According to reports, the breach came to light after a user dubbed "kiberphant0m" posted on Breachforums, a website infamous for selling hacked data, claiming to have stolen nearly 278 terabytes of data from BSNL.
The compromised data allegedly included IMSI numbers (International Mobile Subscriber Identity), SIM details, HLR (Home Location Register), a database of all active mobile network users, DP card data, and DP Security Key data, which supports BSNL's security mechanisms. The user planned to sell the data for $5,000.
To safeguard against future cyber attacks, BSNL has updated the access passwords for all similar FTP servers and instructed that endpoints (network-connected devices) maintain air gaps, which is a computer security measure that ensures a secure computer network is physically isolated from open networks for further safety.