Mumbai: Details of over 2.5 million Airtel subscribers were available on a hacker group’s website for about three months before it was taken down on Tuesday, cybersecurity researcher Rajshekhar Rajaharia<\/a> flagged in a tweet, although the company denied that its data had been breached. 黑客集团标识自己为“赤兔团队”有250万Airtel客户的个人信息,包括他们Aadhaar id。他们出售价值3500美元的比特币。 孟买:超过250万的细节Airtel用户可以在一个黑客组织的网站大约三个月前被撤下星期二,网络安全研究员Rajshekhar Rajaharia标记在一条微博,尽管该公司否认它的数据被破坏。
The website by a hacker group identifying itself as ‘Red Rabbit Team<\/a>’ had details of Airtel customers — including names, dates of birth, phone numbers, addresses, and Aadhaar IDs. They were up for sale for bitcoin<\/a> worth $3,500.
ET was able to review the data and also verify a sample of the phone numbers, which were found to be active subscribers of the telecom operator.
Independent researchers, including Rajaharia, also were able to verify that the data indeed belonged to Airtel subscribers. In fact, a user had flagged the leak on the company's Facebook page on 31 December, cybersecurity researcher Avinash Jain told ET.
“In this specific case, we confirm that there is no data breach at our end,” an Airtel spokesperson said. “In fact, the claims made by this group reveal glaring inaccuracies and a large proportion of the data records do not even belong to Airtel. We have already apprised the relevant authorities of the matter.\"
This is not the first instance when Airtel’s user data has been made vulnerable.
In 2019, an independent security researcher discovered a flaw in the Application Programming Interface of Airtel’s mobile app, which could have exposed the data of 300 million users. Airtel had then said it fixed the flaw immediately.
“It is certain that data has been leaked and it belongs to Airtel users,\" Jain said. “Still cannot comment on what is the number, but on verification of the data posted by the hacking team, it is found to be true.\"
In the latest instance, the data was leaked through what is known as a web ‘shell’ on Airtel's database, according to the hacked website and confirmed by the cybersecurity researchers. A web shell is typically a malicious script or code that allows hackers access to launch attacks using a compromised web server.
Rajaharia said regular monitoring of servers and timely updates to the operating system can help safeguard companies against such attacks.
<\/p><\/body>","next_sibling":[{"msid":80664956,"title":"Government\u2019s appeal against Vodafone admitted in Singapore court","entity_type":"ARTICLE","link":"\/news\/governments-appeal-against-vodafone-admitted-in-singapore-court\/80664956","category_name":null,"category_name_seo":"telecomnews"}],"related_content":[{"msid":"80660227","title":"Airtel","entity_type":"IMAGES","seopath":"tech\/technology\/airtel-denies-claims-that-data-of-2-5-million-users-was-leaked\/airtel","category_name":"Airtel denies claims that data of 2.5 million users was leaked","synopsis":false,"thumb":"https:\/\/etimg.etb2bimg.com\/thumb\/img-size-614900\/80660227.cms?width=150&height=112","link":"\/image\/tech\/technology\/airtel-denies-claims-that-data-of-2-5-million-users-was-leaked\/airtel\/80660227"}],"msid":80665019,"entity_type":"ARTICLE","title":"Airtel denies claims that data of 2.5 million users was leaked","synopsis":"A hacker group, which identifies itself as 'Red Rabbit Team' had personal details of 2.5 million Airtel customers, including their Aadhaar IDs. They were up for sale for bitcoin worth $3,500. ","titleseo":"telecomnews\/airtel-denies-claims-that-data-of-2-5-million-users-was-leaked","status":"ACTIVE","authors":[{"author_name":"Anandi Chandrashekhar","author_link":"\/author\/479245519\/anandi-chandrashekhar","author_image":"https:\/\/etimg.etb2bimg.com\/authorthumb\/479245519.cms?width=100&height=100","author_additional":{"thumbsize":true,"msid":479245519,"author_name":"Anandi Chandrashekhar","author_seo_name":"anandi-chandrashekhar","designation":"Senior Correspondent","agency":false}},{"author_name":"Apoorva Mittal","author_link":"\/author\/479254169\/apoorva-mittal","author_image":"https:\/\/etimg.etb2bimg.com\/authorthumb\/479254169.cms?width=100&height=100","author_additional":{"thumbsize":false,"msid":479254169,"author_name":"Apoorva Mittal","author_seo_name":"apoorva-mittal","designation":"Senior Digital Content Creator","agency":false}}],"analytics":{"comments":0,"views":468,"shares":0,"engagementtimems":2340000},"Alttitle":{"minfo":""},"artag":"ETtech","artdate":"2021-02-03 12:44:27","lastupd":"2021-02-03 12:44:51","breadcrumbTags":["airtel data leak","data leaks in india","Rajshekhar Rajaharia","red rabbit team","Industry","airtel data breach","bitcoin"],"secinfo":{"seolocation":"telecomnews\/airtel-denies-claims-that-data-of-2-5-million-users-was-leaked"}}" data-authors="[" anandi chandrashekhar","apoorva mittal"]" data-category-name="" data-category_id="" data-date="2021-02-03" data-index="article_1">
Airtel否认声称250万用户的数据被泄露
网站由一个黑客组织识别本身的赤兔的团队”Airtel客户的细节,包括名字,出生日期,电话号码,地址,和Aadhaar id。他们出售比特币价值3500美元。
等能够检查的样本数据也验证电话号码,被发现是活跃用户的电信运营商。
“在这个特定的例子中,我们确认数据没有违反我们结束,”一个Airtel发言人表示。“事实上,主张由这组显示明显的错误和一个大比例的数据记录甚至不属于附近的旅馆。我们已经通知相关部门的问题。”
这不是第一个实例当Airtel用户数据已经不堪一击。
2019年,一个独立的安全研究人员发现了一个缺陷的应用程序编程接口Airtel的移动应用程序,这可能暴露了3亿用户的数据。Airtel说它立即修复缺陷。
“这是某些数据被泄露,它属于Airtel用户,”Jain说。“仍然不能评论数是什么,但是在黑客发布的数据验证团队,发现是正确的。”
在最新的实例,数据被泄露通过所谓的web“壳”Airtel的数据库,根据入侵网站和网络安全研究人员证实的。web层通常是一个黑客恶意脚本或代码,允许访问web服务器使用妥协发动攻击。
Rajaharia说定期监测和及时更新的服务器操作系统可以帮助维护公司这样的攻击。
Mumbai: Details of over 2.5 million Airtel subscribers were available on a hacker group’s website for about three months before it was taken down on Tuesday, cybersecurity researcher Rajshekhar Rajaharia<\/a> flagged in a tweet, although the company denied that its data had been breached.
The website by a hacker group identifying itself as ‘Red Rabbit Team<\/a>’ had details of Airtel customers — including names, dates of birth, phone numbers, addresses, and Aadhaar IDs. They were up for sale for bitcoin<\/a> worth $3,500.
ET was able to review the data and also verify a sample of the phone numbers, which were found to be active subscribers of the telecom operator.
Independent researchers, including Rajaharia, also were able to verify that the data indeed belonged to Airtel subscribers. In fact, a user had flagged the leak on the company's Facebook page on 31 December, cybersecurity researcher Avinash Jain told ET.
“In this specific case, we confirm that there is no data breach at our end,” an Airtel spokesperson said. “In fact, the claims made by this group reveal glaring inaccuracies and a large proportion of the data records do not even belong to Airtel. We have already apprised the relevant authorities of the matter.\"
This is not the first instance when Airtel’s user data has been made vulnerable.
In 2019, an independent security researcher discovered a flaw in the Application Programming Interface of Airtel’s mobile app, which could have exposed the data of 300 million users. Airtel had then said it fixed the flaw immediately.
“It is certain that data has been leaked and it belongs to Airtel users,\" Jain said. “Still cannot comment on what is the number, but on verification of the data posted by the hacking team, it is found to be true.\"
In the latest instance, the data was leaked through what is known as a web ‘shell’ on Airtel's database, according to the hacked website and confirmed by the cybersecurity researchers. A web shell is typically a malicious script or code that allows hackers access to launch attacks using a compromised web server.
Rajaharia said regular monitoring of servers and timely updates to the operating system can help safeguard companies against such attacks.
<\/p><\/body>","next_sibling":[{"msid":80664956,"title":"Government\u2019s appeal against Vodafone admitted in Singapore court","entity_type":"ARTICLE","link":"\/news\/governments-appeal-against-vodafone-admitted-in-singapore-court\/80664956","category_name":null,"category_name_seo":"telecomnews"}],"related_content":[{"msid":"80660227","title":"Airtel","entity_type":"IMAGES","seopath":"tech\/technology\/airtel-denies-claims-that-data-of-2-5-million-users-was-leaked\/airtel","category_name":"Airtel denies claims that data of 2.5 million users was leaked","synopsis":false,"thumb":"https:\/\/etimg.etb2bimg.com\/thumb\/img-size-614900\/80660227.cms?width=150&height=112","link":"\/image\/tech\/technology\/airtel-denies-claims-that-data-of-2-5-million-users-was-leaked\/airtel\/80660227"}],"msid":80665019,"entity_type":"ARTICLE","title":"Airtel denies claims that data of 2.5 million users was leaked","synopsis":"A hacker group, which identifies itself as 'Red Rabbit Team' had personal details of 2.5 million Airtel customers, including their Aadhaar IDs. They were up for sale for bitcoin worth $3,500. ","titleseo":"telecomnews\/airtel-denies-claims-that-data-of-2-5-million-users-was-leaked","status":"ACTIVE","authors":[{"author_name":"Anandi Chandrashekhar","author_link":"\/author\/479245519\/anandi-chandrashekhar","author_image":"https:\/\/etimg.etb2bimg.com\/authorthumb\/479245519.cms?width=100&height=100","author_additional":{"thumbsize":true,"msid":479245519,"author_name":"Anandi Chandrashekhar","author_seo_name":"anandi-chandrashekhar","designation":"Senior Correspondent","agency":false}},{"author_name":"Apoorva Mittal","author_link":"\/author\/479254169\/apoorva-mittal","author_image":"https:\/\/etimg.etb2bimg.com\/authorthumb\/479254169.cms?width=100&height=100","author_additional":{"thumbsize":false,"msid":479254169,"author_name":"Apoorva Mittal","author_seo_name":"apoorva-mittal","designation":"Senior Digital Content Creator","agency":false}}],"analytics":{"comments":0,"views":468,"shares":0,"engagementtimems":2340000},"Alttitle":{"minfo":""},"artag":"ETtech","artdate":"2021-02-03 12:44:27","lastupd":"2021-02-03 12:44:51","breadcrumbTags":["airtel data leak","data leaks in india","Rajshekhar Rajaharia","red rabbit team","Industry","airtel data breach","bitcoin"],"secinfo":{"seolocation":"telecomnews\/airtel-denies-claims-that-data-of-2-5-million-users-was-leaked"}}" data-news_link="//www.iser-br.com/news/airtel-denies-claims-that-data-of-2-5-million-users-was-leaked/80665019">
评论
现在评论 阅读评论(1)所有评论
找到这个评论进攻?
下面选择你的理由并单击submit按钮。这将提醒我们的版主采取行动