Airtel denies rumoured 37.5 cr subscriber data breach, calls it an attempt to ‘tarnish reputation’

Digital Desk: Bharti Airtel firmly rebutted claims on Friday of a data breach after reports surfaced that personal details of over 37.5 crore Indian customers were purportedly being sold on a dark web forum. An Airtel spokesperson categorically stated to News18.com, "We have conducted a thorough investigation and can confirm that there has been no breach whatsoever from Airtel systems."

The alleged breach came to light through Dark Web Informer, a monitoring handle on X that tracks activities on the dark web. According to the report, a hacker using the alias ‘xenZen’ claimed to have a database containing sensitive information such as mobile numbers, dates of birth, father’s names, Aadhaar IDs, and email IDs of Airtel customers. The hacker allegedly offered this database for sale at $50,000 USD (approximately Rs 41 lakh) payable in cryptocurrency.

Reports circulating about the breach suggested that details of 375 million Airtel customers, including phone numbers, email addresses, and Aadhaar numbers, were accessible on the dark web. However, the authenticity of these claims remains unverified by reputable sources like Moneycontrol.

This incident echoes previous concerns in 2021 when cybersecurity researcher Rajshekhar Rajaharia flagged a similar issue involving data of 2.5 million Airtel subscribers on a threat actor's website named ‘Red Rabbit Team’. Airtel India had refuted any breach at that time as well.

It's noteworthy that other major Indian telecom companies like Jio and Vodafone Idea have also allegedly faced breaches of subscriber databases in the past. The exposure of such personal data poses significant risks, including identity theft, financial fraud, and intrusive marketing practices, potentially impacting millions of individuals.

As the situation develops, cybersecurity vigilance and stringent measures are imperative to safeguard customer information in an increasingly digital age. Airtel's swift denial underscores the seriousness with which such allegations are addressed, emphasizing the importance of robust security protocols to mitigate risks of data breaches and protect consumer privacy.