There is significant chatter on Twitter and a popular web forum frequented by hackers, cybercriminals, and security researchers that data belonging to 375 million Airtel users is currently being sold. However, Airtel has promptly dismissed these claims, asserting that the hacker's allegations are baseless and intended to deceive people. The company firmly denies any breach in its systems.
In an official statement to India Today Tech, an Airtel spokesperson remarked, “There has been an ongoing report alleging that Airtel customer data has been compromised. This is nothing short of a desperate attempt to tarnish Airtel’s reputation by vested interests. We have done a thorough investigation and can confirm that there has been no breach whatsoever from Airtel systems.”
The speculation began when a Twitter account named FalconFeeds.ai shared a screenshot of a forum post where a hacker, identified as xenZen, claimed to be selling data of 375 million Airtel users. This post was made on BeachForums, a platform known for trading stolen data.
The BeachForum post alleges that the data includes:
- Mobile Numbers
- Names
- Dates of Birth
- Father’s Names
- Addresses
- Email IDs
- Gender and Nationality
- Aadhaar Numbers
- Photo ID Proof Details
- Address Proof Details
While it remains unclear whether the data of 375 million customers is indeed in the possession of a hacker or if there has been a breach in Airtel's systems, some security researchers believe the claims could be genuine. Nicolas Krassas, who reportedly works with Henkel AG on cybersecurity threats, retweeted information regarding the alleged Airtel data breach.
Srinivas Kodali, a frequent commentator on cybersecurity issues in India, expressed a more straightforward view. He tweeted, “Airtel has been hacked by a China-based threat actor. He listed 37.5 crore Airtel customer data, including their Aadhaar numbers, for sale. The actor who listed this data for sale on breach forums is now suspended on the forum. India's Data Protection Act is still not active.”
Although Airtel denies any breach in its system, it's worth noting that data from Indian companies has been leaked or hacked in the past. Regardless of whether you are an Airtel user or not, it is crucial to adhere to certain cybersecurity best practices. These include:
- Frequently changing passwords: Regularly update passwords for all online accounts linked to potentially compromised email addresses.
- Monitoring accounts: Keep a close eye on bank and credit card statements for any unauthorized transactions.
- Enabling two-factor authentication (2FA): Add an extra layer of security to online accounts.
- Being cautious of phishing attempts: Avoid clicking on suspicious links or providing personal information to unverified sources.
