Airtel Data Leak: After-Effects Could Go Beyond Revenue Impact
Over time, the lack of basic policies and unprotected servers has led to some of the biggest data security breaches in India. Despite the maximum number of bug bounty hunters, the cyberattacks have gone up manifold, compromising the user data. Moreover, it has also imposed monetary costs on enterprises.
The recent Airtel data leak is one example, wherein a hacker group has allegedly leaked the data of Army personnel using the Bharti Airtel network in India’s Jammu and Kashmir. The group that goes by the name, Red Rabbit Team, on Twitter, not only hacked some of the Indian websites but even posted the data on the web pages of those portals. The data of at least 26 lakh Airtel users in the region have been compromised.
The state-sponsored Pakistan-based hacker group, TeamLeets, is deemed responsible for the data leak. It is believed that these hackers kept creating new accounts to put the data on the web. They even shared some links of those web pages on Twitter over Cybersecurity Researcher, Rajshekhar Rajaharia’s tweet. Moreover, they tagged several media organisations and somehow tried to sell this data for $3500 in Bitcoin.
The Airtel Data leak comes at a time when the company was preparing to raise a billion-dollar with an offer of perpetual bonds – securities with no maturity date for investors. Almost a year ago, Airtel raised $250 million through perpetual bonds at 5.65 percent with the company’s wholly-owned subsidiary, Network i2i, in Mauritius, issuing the securities.
Today, Bharti Airtel is only among the few companies that have tapped the international money market with perpetual bonds. Through the investments, the network is clearly trying to strengthen its bond and expand its reach in the Middle East and Africa region. In the wake of providing cybersecurity services, Airtel even launched Airtel SECURE that provides cutting-edge solutions to customers through partnerships with global leaders in September 2020. Despite the measures, the Airtel data leak is almost an unprecedented and tragic incident for the company.
The Pakistan-based hacker group was first identified by the Delhi Police’s cyber cell in 2018. The group was working for Pakistan’s spy agency, Inter-Services Intelligence (ISI), and hacked the Indian government sites. The expert, Rajaharia, claimed that the same hacking group is responsible for the latest Airtel data leak.
The hacker group initially dumped the data on a link since they wanted to sell them but could not succeed. They threatened to leak more Airtel data through their Twitter handle – Red Rabbit Teams. This account has now been restricted for its “unusual activity”. But, the hackers didn’t just stop at that!
Another Twitter handle – ‘PANAMA-iii (Scandal and Mega Database)’ was made to tweet new links from the original sample of J&K users’ data. The account was, however, deleted later. To push forward with its agenda, TeamLeets had clearly made several Twitter handles.
Meanwhile, the Airtel authorities have constantly claimed that there is no hack or breach of any Airtel system as claimed by TeamLeets. It’s not the first time that Airtel has fallen prey to cyber hacking incidents. In 2019, the network, along with the Indian Space Research Organisation (ISRO), SBI, JustDial, and others, became part of the biggest cyber hacking incidents in India. What the companies need to note is that the after-effects of a cyberattack not just expose consumer data, but actually go beyond revenue impact.