Hackers allegedly leak data of Army personnel using Airtel network; company denies any breach

NEW DELHI: A hacker group claims to have leaked data on Army personnel using Bharti’s network in Jammu and Kashmir, however, the company denied any violations in its system.

The group, called the Red Rabbit Team, hacked some Indian websites and published the data on the web pages of these portals.

The hackers shared some links to these web pages on Twitter in a comment on a tweet by cybersecurity researcher Rajshehar Rajaharia and tagged several media organizations.

The inquiry, sent to the Indian Army, did not elicit a response, but an army official said: “We are not aware of such information, but it appears to be the malicious intent of some hostile elements.”

When contacted, a Bharti Airtel spokesman denied any disruption to his server.

“We can confirm that there is no hacking or breach of any Airtel system, as claimed by this group. Many stakeholders outside Airtel have access to certain data in accordance with regulatory requirements. We have informed all relevant authorities on the matter in order to investigate this and take appropriate action. ”

“This group has been in contact with our security team for more than 15 months and has made various claims in addition to publishing inaccurate data from a specific region,” the spokesman said.

The links shared by the hacker were initially available with a mobile number, name and address of subscribers, but stopped working after a while.

The Red Rabbit team said in a statement to PTI that it had access to Bharti Airtel’s pan-Indian data via a shell uploaded to the company’s server and that more data would soon be leaked.

Rajaharia said the hackers had not shown any credible evidence of possession of Bharti Airtel’s pandas and it was also unclear how they obtained subscriber data.

“The hacker group has failed to show evidence that it has a whole database in India. Their claim to upload shells may also be false. The video on the SDR portal looks real, but only a short portion of the data can leak through it. it is not yet clear how they gained access to full data on Jammu and Kashmir subscribers, “he said.

Telecommunications operators are required to provide access to government and law enforcement agencies on the Subscriber Data Registration Portal (SDR), through which telephone numbers and subscriber data can be verified.

Rajahariya said the hackers may be from Pakistan.

“The website, which was used to upload alleged Airtel data, was hacked on December 4, 2020 by Mr. Clay (TeamLeets – Pakistani hacker group). This indicates that the Pakistani hacker group TeamLeets may be behind this data leakage, “Rajahariya said.