Published 18:31 IST, July 31st 2024

Five major data breaches reported in FY25, two in FY24: PC Sekhar

In Lok Sabha, the minister stated, “For FY 2023-2024, two incidents have been reported and for FY 2024-2025, five incidents have been reported.

Reported by: Business Desk
Follow: Google News Icon
  • share
Data breach | Image: Pexels
Advertisement

Data breaches on rise: Minister of State for Communications Pemmasani Chandra Sekhar informed the Lok Sabha on Wednesday that five incidents of data breaches have been reported in the fiscal year 2024-25, and two incidents in 2023-24. The causes of these breaches remain undetermined, resulting in no action against service providers.

In a written reply to the Lok Sabha, the minister stated, “For FY 2023-2024, two incidents have been reported and for FY 2024-2025, five incidents have been reported. The cause of data breaches has not been established in the said instances. Hence, no action was taken on the service providers.”

Advertisement

Sekhar was responding to a query regarding the government’s data on customer data breaches by companies, including telecom firms, over the past decade and any actions taken against companies involved in such breaches and data selling.

The minister shared details of the breaches, highlighting a report from CERT-In dated May 20, 2024, which revealed that a threat actor known as 'Kiberphant0m' had gained unauthorised root super-access to servers controlled by Bharat Sanchar Nigam Ltd (BSNL).

Advertisement

Notably, four incidents were reported in July 2024:

  • On July 5, 2024, a user on platform X, @digitaldutta, claimed that Airtel data was on sale, hacked by Chinese threat actors.
  • The following day, the National Critical Information Infrastructure Protection Centre (NCIIPC) reported that virtual private network access to the network of the Telecom Regulatory Authority of India (TRAI) was being sold on an exploits forum.
  • On July 9, 2024, NCIIPC reported that personally identifiable information (PII) of Tata Tele subscribers was available on the darknet.
  • On July 19, 2024, based on credible inputs, NCIIPC revealed that over 2 TB of data from Telecommunications Consultants India Limited (TCIL) had been stolen by threat actors.

These incidents highlight the growing threat of cyber attacks and data breaches in India's telecom sector, necessitating enhanced security measures to protect sensitive information.

Advertisement

(With PTI inputs)

 

Advertisement

18:31 IST, July 31st 2024