Cyber Incident Victim: Bharat Sanchar Nigam Limited
Date:
Jul 2015
Location:
India
Summary
A hacktivist group identifying as Anonymous India breached the telecommunications provider Bharat Sanchar Nigam Limited's website, injecting documents containing demands and claiming to have exfiltrated sensitive data of over 30 million users. The attackers cited protests against government surveillance programs, inadequate data security practices including plaintext password storage, and regulatory failures related to net neutrality consultations that exposed citizens' contact information. They emphasized exposing systemic vulnerabilities in national digital infrastructure rather than data manipulation, while warning about risks of foreign exploitation due to unaddressed security flaws in critical systems. The incident followed previous breaches targeting national tax identification records and coal-sector platforms as part of coordinated demonstrations against India's digital governance policies.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On July 4, 2015, the Indian state-owned telecommunications company Bharat Sanchar Nigam Limited (BSNL) suffered a website breach by the hacktivist group AnonOpsIndia, which identified itself as "Anonymous India." The group compromised BSNL's web servers and injected multiple documents containing demands addressed to the Indian government. This marked the group's third major cyber intrusion within seven days, following prior attacks on India's Permanent Account Number (PAN) tax identification database and an unspecified coal-sector website. AnonOpsIndia stated the hack was a protest against the government's net neutrality stance, its handling of the Digital India initiative, and surveillance programs. The attackers claimed to have replicated BSNL's entire database containing sensitive information of over 30 million users but asserted they did not tamper with stored data. The compromised BSNL website remained non-functional for hours after the breach was detected.
AnonOpsIndia publicly criticized BSNL for storing user passwords in plain text, warning administrators to secure their systems before "Chinese attackers" could exploit the vulnerabilities. The group specifically condemned the Telecom Regulatory Authority of India (TRAI) for publishing millions of unredacted email addresses from a public consultation on internet licensing, which facilitated spam campaigns. Their published demands included halting surveillance projects like the CMS system and redirecting funds toward cybersecurity improvements. The hackers also alleged that Reliance Jio's chat app transmitted unencrypted data to China. In communications with journalists, AnonOpsIndia framed their actions as exposing security flaws in Digital India infrastructure rather than malicious attacks, noting no government officials had contacted them post-breach. BSNL's website disruption and the exposure of critical security failures represented operational and reputational impacts, though the full extent of data compromise remained unverified. Media outlets contacted BSNL for official statements regarding the incident response, but no mitigation details or restoration timelines were disclosed in the available report.