Airtel India claims it did not suffer a data breach and that there are inaccuracies in the claims made by the hackers.
A group of hackers going by the online handle of “Red Rabbit Team” claims to have stolen personal and sensitive data belonging to Airtel India, or Bharti Airtel, a popular Indian multinational telecommunications services company.
Apparently, the hackers are now selling Airtel India’s database for $3500 in BTC and, as proof, details of 2.5 million customers have already been leaked on a website operated by the group on the dark web. This was revealed to Hackread.com by Indian cybersecurity researcher Rajshekhar Rajaharia earlier today.
What data has been leaked?
As seen by Hackread.com, the leaked data contains the following:
- Full names
- Dates of birth
- Service status
- Phone numbers
- House numbers
- Aadhaar numbers
- Passport numbers
- Voter ID numbers
- Father's/husband's names
- IMSI (International Mobile Subscriber Identity) numbers
Hackers claim to have uploaded a shell to Airtel’s server
The Red Rabbit Team has shared a screenshot in which the hackers can be seen uploading a shell to one of Airtel’s servers.
A shell, in this case, is a malicious script that allows attackers to control the targeted server – essentially a backdoor program, similar in functionality to a trojan for PCs.
Shell allegedly uploaded by hackers
According to Rajaharia, Airtel was aware of the issue for at least 3 months, as the Red Rabbit Team released a video showing the entire email conversation between Airtel and the group. The email conversation dates back to 12 December 2020.
Airtel denies data breach
Reportedly, Airtel has denied suffering a data breach, stating that there are a number of inaccuracies in the claims made by the group. The company further added that it has analyzed the leaked data and most of it doesn’t belong to Airtel’s customers.
It is also worth noting that the website operated by the Red Rabbit Team was down at the time of writing this article. This could be a technical issue, or the group may have decided to call it quits.
A data breach or web scraping?
Although the hackers claim to have uploaded a shell to Airtel’s servers, the leaked data could have been collected using an illegal data scraping technique or sold by government officials/insiders within the telecom sector, as similar incidents were reported previously.
Either way, it poses a massive security and privacy threat to Indian citizens. It can allow cybercriminals to carry out SMSishing, SIM swapping attacks, and identity scams, while state-backed actors can use the data for all sorts of malicious purposes.
Increase in breaches of data belonging to Indian citizens
In 2020, Indian companies suffered massive data breaches that put the personal data of millions of unsuspecting users in the hands of cybercriminals. For instance, in December last year, Indian job portal IIMJobs suffered a breach in which 1.4 million registered users were impacted.
In another incident, 29 million Indian job seekers had their data, including resumes, leaked on several hacker forums for download. In July 2020, Google-funded delivery service Dunzo suffered a data breach by ShinyHunters in which 11 GB worth of data was leaked online.