The Department of Telecommunications (DoT) in India has asked all telecom operators in the country to conduct a security audit after an alleged data breach of over 750 million customers. The issue was reported by India-based cybersecurity firm CloudSEK, which claims that hackers are selling 1.8 terabytes of data on the dark web, containing information of telecom users in the nation.
The data contains sensitive information about general users such as names, mobile numbers, addresses, and even Aadhaar details. CloudSEK says that this breach is a big cyber attack threat to individuals and organisations.
According to The Economic Times, telcos in the country have informed the DoT that the leaked information is a collection of old data sets of various telecom subscribers. The companies also state that the breach has not happened due to any technical vulnerabilities in the infrastructure of telecom operators.
Sparsh Kulshreshta, Threat Intelligence and Security Researcher at CloudSEK, mentions that the leaked data is indeed genuine. The contact numbers and Aadhaar details associated with them are found to be valid. Information of over 750 million users is on sale on the dark web, for just $3000.
This data can be used by hackers to exploit targeted cyber attacks on specific users. It can lead to identity theft, reputation damage, and even cause financial fraud. As of now, the exact magnitude of this data breach is still being investigated.
Telecom operators like Jio, Airtel, Vi, and others have not officially responded to the situation yet. The Indian Computer Emergency Response Team (CERT-In) is also said to be monitoring the same. However, an official statement is still awaited.
In the meantime, Indian telecom users should stay alert from spam text messages and emails. One should avoid clicking on malicious links or attachments that they receive in their inbox. Phishing attacks are known to increase in volume when a data breach happens. Although one cannot prevent a data breach at an individual level, following general safety measures can safeguard users from potential harm.
