More than 25 Lakh Indian Airtel users data breach by the Ransom cyber attack on Databases
Airtel is nonetheless retaining its stance that there has been no statistics leak. An Airtel spokesperson stated that “there is no hack or breach of any Airtel machine as claimed by way of this group”. We have apprised all the applicable authorities of the count too, therefore, check out this and take fantastic action,” the organization spokesperson added.
The PDP consignment mandates statistics fiduciaries — which collect, save, and technique users’ private statistics for presenting a provider — to notify the DPA about an information breach that is probably to purpose damage to customers, failing which, the fiduciary would have to pay an excellent of up to INR 5 Cr or 2% of the international turnover of the fiduciary, whichever is greater. A supply advised us that the hacking crew had been attempting to finalize a deal with Airtel for $3,000 considering the fact that October 2019. Moreover, preliminary tries had been made via the crew by using posing as a journalist from Delhi, then as a police official. The supply delivered that Airtel didn’t provide into the demand for a ransom, due to the fact the organization wasn’t satisfied with the authenticity of the statistics which the hacker had purportedly stolen.
What data has been leaked?
As seen by Hackread.com, the leaked data contains the following:
- City
- Gender
- Full names
- Date of birth
- Service status
- Phone numbers
- House numbers
- Aadhaar numbers
- Passport numbers
- Voter ID number
- Father/Husband name
- IMSI (International mobile subscriber identity) numbers.
It is also worth noting that the website operated by the Red Rabbit Team was also down at the time of writing this article. It can be a technical issue or the group may have decided to call it quits.
Past History
In 2020, Indian organizations suffered large information breaches that ended up non-public information of tens of millions of unsuspecting customers in the arms of cybercriminals. For instance, in December remaining year, Indian job portal IIMJobs suffered a breach in which 1.4 million registered customers have been impacted. In every other incident, 29 million Indian job seekers had their facts together with resume leaked on various hacker boards for download. In July 2020, Google-funded shipping provider Dunzo suffered a statistics breach by means of ShinyHunters in which 11GB really worth of statistics was once leaked online.
Rumors
It used to be again in 2018 when the Delhi Police cyber phone had recognized a Pakistan-based hacker team that hacked into the Indian authorities' internet site and defaced it. These hackers stored growing new bills to put the leaked information on the net and tried to promote them for $3,500 in Bitcoin (Rs 2.5 lakh approx).
Conclusion
Notably, KYC necessities for Indian telcos make the series of the above facts from every person mandatory. However, quickly after Rajaharia shared records about the statistics leak on Twitter, the hacker’s internet site used to be pulled down. It is uncertain if the internet site was once pulled down voluntarily by using the hacker or if it was once the motion of authorities.