BSNL Faces Data Breach: Hacker 'Perell' Sells User Data on Dark Web

BSNL, the telecom operator, has fallen victim to a data breach, with thousands of internet and landline user records now available for sale on the dark web, courtesy of a hacker known as 'Perell.' The breach, raising concerns about identity theft, financial fraud, and targeted phishing attempts, involves sensitive information of BSNL users, including email addresses, billing details, and contact numbers.

The hacker, operating under the alias "Perell," has surfaced on the dark web, claiming to possess critical information regarding users utilizing BSNL's fiber and landline services in India. A portion of the stolen data, which amounts to around 32,000 lines of information, has already been disclosed. Notably, "Perell" asserts control over approximately 2.9 million lines of data encompassing all databases, providing district-wise details of BSNL customers.

Despite BSNL's public silence on the matter, Cert-In, the Indian cybersecurity agency, has reportedly been notified about the breach. The severity of the situation has been underscored by an unnamed source familiar with the matter, emphasizing the immediate threat to the privacy and security of BSNL customers.

Kanishk Gaur, a cybersecurity expert and founder of India Future Foundation, expressed deep concern about the breach, recognizing its potential widespread implications. He highlighted the gravity of the situation, emphasizing that it not only compromises user privacy but also exposes them to significant risks, including identity theft, financial fraud, and targeted phishing.

In light of this, urgent action is required from BSNL and relevant authorities to address the breach, mitigate risks, and implement measures to protect affected users from the potential harm arising from the compromised data. While BSNL has yet to acknowledge the breach publicly, the involvement of Cert-In signals an ongoing response to contain and address the fallout of this cybersecurity incident.