Sat. Oct 23rd, 2021

Airtel is in the centre the massive data breach that remains all of its user data at risk of potential theft. A hacker crew going by the name of Red Rabbit Side has posted details of as many as 23 lakh (2. 5 million) Airtel subscribers online as “sample data” and looking to sell all subscriber critical information for $3, 500 bitcoins. United states where the sample data was listed has been taken down earlier this week, nevertheless the hacker group allegedly continues to be in possession of all Airtel subscribers advice.

Good Big Data Breach? A Hacker Group alleged uploaded “shell” found in @airtelindia Server. Now selling every one of India Airtel subscribers data concerning Aadhaar Number. Posted 2 . fem Million as sample data. (in Jan 2021)#InfoSec #DataLeak #GDPR #databreaches #dataprotection #DataPrivacyDay pic. twitter. com/uxWopfKU0M

— Rajshekhar Rajaharia (@rajaharia) February 2, 2021

The Airtel data breach arrived to the spotlight when Rajshekhar Rajaharia, a security researcher in India published a tweet with screenshots of the identical sample data. Most details readily available screenshots have been redacted, considering the awareness of the data sets leaked. The very hacker group posted data parts of over 25 lakh Airtel web suscribers including details like City, Baby, Full name, Date of birth, Operation status, phone number, House number, Aadhaar number, Passport, Voter ID, Father/Husband name and IMSI (International mobile or portable subscriber identity) number.

Strange! @airtelindia before now aware about this alleged breach given last 3 months. Hacker posted the majority of email conversations with airtel effectively. They also posted POC video. How steps taken to remove and small? I am also an Airtel Customer. #InfoSec #DataLeak #GDPR #databreaches sommet. twitter. com/Tdu9mMMIOW

— Rajshekhar Rajaharia (@rajaharia) February 2, 2021

The sample data pairs released contains details of Airtel men and women from regions such as Jammu and also Kashmir, Punjab, Delhi, Maharashtra, Rajasthan, Karnataka and more. Moreover, Rajshekhar besides posted a video of a conversation within the hacker group and Airtel’s Essential safety Incident Response Team (SIRT) dating back to to December 2020. This indicates regarding Airtel was aware of a potential modernized breach from the past two months or possibly even longer. The hackers were planning to extort the same amount from Airtel, but it did not seem to work out.

Moreover, Rajshekhar also revealed that finally the hackers targeted one of Airtel’s internet protokol where they uploaded a seed covering script which is essentially a wicked file that gives control of a ip to the hackers. Through this technique, usually the hackers were able to gain access to Airtel’s computers. Having said that, Airtel has outright declined any data breach on it really is servers.

“Airtel takes great pride in implementing various measures to safeguard the anonymity of its customers. In this specific predicament, we confirm that there is no data infringement at our end. In fact , the most important claims made by this group reveal manifest inaccuracies and a large proportion with all the data records do not even act like Airtel. We have already apprised the kind of authorities of the matter, ” Airtel said in a statement to the storage.

Another cybersecurity researcher Avinash Jain told This Economic Times that it is certain that depending on of Airtel users have reveal online. “Still cannot comment on are usually number, but on verification of data posted by the hacking group, it is found to be true, ” Avinash added.

It remains to be seen whether Airtel publically releases a full-scale investigation into the assignable data breach or stands our ground denying the breach.

Leave a Reply