Cybersecurity researcher Rajshekhar Rajaharia flagged in a tweet that details of over 2.5 million Airtel subscribers were available on a hacker group’s website for about three months before it was taken down yesterday. Now, ET has reported that Airtel has denied the data breach.
The website of a hacker group identifying itself as ‘Red Rabbit Team’ had details of Airtel customers, including names, dates of birth, phone numbers, addresses, and Aadhaar IDs. The details were up for sale for bitcoin worth $3,500.
This is not the first time Airtel’s user data has been made vulnerable. In 2019, an independent security researcher discovered a flaw in the application programming interface (API) of Airtel’s mobile app, which could have exposed the data of 300 million users. Airtel had then said it fixed the flaw immediately.
In the latest instance, the data was leaked through what is known as a web ‘shell’ on Airtel’s database, according to the hacked website and confirmed by the cybersecurity researchers. A web shell is typically a malicious script or piece of code that gives hackers access to a compromised web server, which they can then use to launch attacks.
Rajaharia said regular monitoring of servers and timely updates to the operating system can help safeguard companies against such attacks.