A hacker has claimed to have access to Airtel India customers’ database containing details of 37.5 crore users. The database reportedly includes sensitive information such as mobile numbers, date of birth, father’s name, Aadhaar ID, email ID, and more. The hacker, known as “xenZen,” is said to have announced the sale of the database on a hacking forum for $50,000 USD (Rs 41 lakh) to be paid in cryptocurrency. According to the hacker, the breach occurred in June 2024 and a sample of the data has been shared.
Airtel, on the other hand, has refuted these claims and stated that there have been no breaches in its systems. The telecom operator labeled the allegations as a desperate attempt to tarnish Airtel’s reputation by vested interests. A thorough investigation conducted by Airtel has revealed no evidence of any security breaches.
This is not the first time that “xenZen” has claimed to have access to sensitive information of Indian citizens. In the past, the same hacker was implicated in a data breach involving the diplomatic passport holder’s database maintained by the Union Ministry of External Affairs. Furthermore, in 2021, a cybersecurity researcher raised concerns about the exposure of details of over 2.5 million Airtel subscribers on a website controlled by a threat actor. Airtel denied any breach had taken place.
The potential breach of a customer’s personal information database can have severe consequences as threat actors could exploit personally identifiable information (PII) to launch phishing attacks, commit identity theft, and compromise individuals’ financial security. The importance of safeguarding personal data has been emphasized in light of these incidents, as data breaches continue to pose a significant risk to individuals’ privacy and security.
It is crucial for companies like Airtel to enhance their cybersecurity measures and strengthen data protection protocols to prevent unauthorized access to customer databases. The frequency of cyber threats and data breaches underscores the need for constant vigilance and proactive security measures to safeguard sensitive information and prevent potential risks to individuals and organizations. As technology advances, cybersecurity remains a critical priority in safeguarding data and ensuring the protection of user information from malicious actors.