- India
- International
Airtel India on Friday, July 5, categorically denied reports of a data breach after a hacker announced that they were putting up the personal details of over 37.5 crore Indian customers for sale on a popular hacking forum. Responding to these allegations, an Airtel spokesperson told Indianexpress.com, “We have done a thorough investigation and can confirm that there has been no breach whatsoever from Airtel systems.”
The reportedly false data breach was brought to light by Dark Web Informer, a handle on X that tracks who posts what on the dark web. As per the post, a hacker with the alias ‘xenZen’ attempted to sell a database comprising details of over 37.5 crore Airtel India customers such as their mobile number, date of birth, father’s name, Aadhaar ID, email ID, and more at a going rate of $50,000 USD (Rs 41 lakh) to be paid in cryptocurrency.
The hacker said that the breach took place in June 2024 and reportedly shared a data sample as well. Furthermore, xenZen also claims to have been involved in an earlier breach targeting the diplomatic passport holders database maintained by the Union Ministry of External Affairs.
In 2021, cybersecurity researcher Rajshekhar Rajaharia had flagged that the details of over 2.5 million Airtel subscribers had been uploaded on the website of a threat actor called ‘Red Rabbit Team’ but was taken down after three months . Though, Airtel India had denied that any breach had taken place at that time as well.
Additionally, the subscriber databases of other major Indian telcos such as Jio and Vodafone Idea have been allegedly breached in the past. The alleged exposure of personal user data can have devastating effects on individuals who could fall victim to identity theft, financial fraud, unwanted marketing calls, etc.