Airtel denies report of data leak that affected over 2.5 million subscribers

A hacker group managed to acquire the personal information of over 2 million Airtel subscribers. Airtel, however, confirms that there is no data breach.

Highlights
  • Personal information of over 2.5 million Airtel subscribers was acquired by a hacker group, who tried to sell the information online for USD 3,500.
  • Leaked emails between the group and Airtel suggest that the breach occurred sometime in December 2020. 
  • Airtel has maintained that its servers are unaffected and that the breach likely originated from elsewhere. 

A report earlier this week claimed an Airtel data breach that affected as many as two million subscribers. Sensitive information such as addresses, Aadhaar card numbers, and gender were up for sale on the internet, according to the India Today report. The breach was spotted by independent security researcher Rajshekhar Rajaharia. A group that called itself Red Rabbit Team is allegedly responsible for the hack. The team behind the reported Airtel data breach was looking to sell the information online for USD 3,500 (approx Rs 2.55 lakh) worth of Bitcoin. Although the website is offline now, the hackers still have possession of the data and could sell it elsewhere in the future.

Before attempting to sell the data online, Red Rabbit Team tried to extort Airtel for the same amount. This is proven by a video recording of emails between the hackers and Airtel. Timestamps on said emails suggest that the breach happened on December 12, indicating that Airtel was aware of the issue for quite some time, but chose to remain tight-lipped about it. 

However, Airtel has vehemently denied that the breach originated on its end. In a statement to the Economic Times, an Airtel spokesperson said, “In this specific case, we confirm that there is no data breach at our end. In fact, the claims made by this group reveal glaring inaccuracies and a large proportion of the data records do not even belong to Airtel. We have already apprised the relevant authorities of the matter.”

Airtel is insinuating that the breach originated elsewhere and that its servers have been unaffected. However, the tone in Airtel’s emails seems to suggest otherwise. This particular leak is quite alarming, as 25 lakh records belong to J&K residents, some of whom could be military personnel.