Cybercrime , Fraud Management & Cybercrime , Incident & Breach Response

Bharti Airtel Denies Customer Data Was Breached

Researcher Claims Data of 2.5 Million Subscribers Had Been Offered for Sale
Bharti Airtel Denies Customer Data Was Breached
Screenshot of the advertisement claiming to have Bharti Airtel subscriber data for sale (Source: Rajshekhar Rajaharia)

Bharti Airtel, one of the largest telecommunications firms in India, is refuting claims by an independent security researcher that subscriber data was breached and offered for sale by a hackers.

Cybersecurity researcher Rajshekhar Rajaharia, who posted on Twitter what he said were some of the masked details of the leaked database, says he determined that the data of 2.5 million Bharti Airtel subscribers had been compromised and posted for sale. The data includes names, dates of birth, government-issued Aadhaar ID numbers, physical addresses and IMSI cellphone subscriber ID numbers.

See Also: Selling Breaches: The Transfer of Enterprise Network Access on Criminal Forums

At one point, the stolen data was advertised for sale on a public website registered in Uttar Pradesh, India, which has since closed, Rajaharia says. A threat actor called "Red Rabbit Team" put the entire database up for sale for $3,500 in bitcoin, he adds.

Rajaharia says the website that hosted the database was active until Tuesday. He says the hackers apparently took down the domain the domain after he wrote about it. But he says he captured images of some of the data posted.

A spokesperson for Bharti Airtel, however, tells Information Security Media Group that the company's data has not been breached.

"In this specific case, we confirm that there is no data breach at our end. In fact, the claims made by this group reveal glaring inaccuracies and a large proportion of the data records do not even belong to Airtel," the spokesperson says. "We have already apprised the relevant authorities of the matter."

Rajaharia also posted a video on Twitter that he says shows online and email conversations between the Bharti Airtel security team and the Red Rabbit Team hackers negotiating over the data.

The data belonging to Bharti Airtel was offered for sale for almost two months and was available on an open-forum where anyone with an internet connection could have accessed the data, Rajaharia says.

The researcher says these types of data leaks are becoming more common throughout India, especially in the wake of the COVID-19 pandemic and workers moving to remote offices. He argues that India needs stricter privacy and data disclosure laws.

Other Breaches

Over the last few months, several large Indian organizations have been affected by data breaches.

In January, JusPay, an online payment platform, acknowledged that it sustained a breach of customer data in August 2020. That announcement came a day after Rajaharia reported that the data of millions of JusPay customers had been offered for sale on a darknet forum (see: Indian Payment Platform JusPay Breached).

In December 2020, researchers found 2 GB of personally identifiable information, including names, email addresses, contact details, and the Permanent Account Numbers of 7 million debit and credit cardholders in India circulating on darknet forums (see: Personal Details of 7 Million Indian Cardholders Exposed).

And in October 2020, a security researcher disclosed that an unsecured Amazon Web Services S3 bucket potentially exposed 50 GB of patient data belonging to Dr Lal PathLabs (see: Unsecured AWS Database Left Patient Data Exposed).


About the Author

Prajeet Nair

Prajeet Nair

Principal Correspondent

Nair is principal correspondent for Information Security Media Group's global news desk. He has previously worked at TechCircle, IDG, Times Group and other publications where he reported on developments in enterprise technology, digital transformation and other issues.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.