The recent leak of data belonging to more than 26 lakh Airtel users was allegedly orchestrated by state-sponsored hackers from Pakistan. The subscribers whose data has been leaked belong to the Jammu and Kashmir area.
After failing to sell the data for $3,500 in Bitcoin (Rs 2.5 lakh approx), the hackers allegedly dumped it on public platforms on the internet instead of on the dark web.
Initially, they dumped the data via a domain on the internet. The hackers then threatened to leak more data via a new Twitter handle that goes by the pseudonym 'Red Rabbit Teams'.
The same Pakistan-based hacker group, 'TeamLeets', which allegedly defaced Indian government websites and was identified by the Delhi Police cyber cell in 2018, is suspected to be behind the leak. The team was touted to be working at the behest of Pakistan's Inter-Services Intelligence (ISI), the country's premier spy agency.
"TeamLeets, which is a Pakistan-based hacking group, is behind the Airtel data leak. It is possible that Red Rabbit Teams and 'TeamLeets' are two sides of the same coin or are working together," said independent cybersecurity researcher Rajshekhar Rajaharia.
Twitter banned Red Rabbit Teams citing "unusual activity", following which the hackers created another Twitter handle, 'PANAMA-iii'. The account tweeted a fresh set of links that led to a subset of the original data of 26 lakh users. Data belonging to users from the Indian Army is also suspected to be in the list.
However, Airtel is standing firm in its stance that there has been no data leak. "There is no hack or breach of any Airtel system as claimed by this group. This group has been in touch with our security team for over 15 months now and has made varying claims in addition to posting inaccurate data from one specific region. We have apprised all the relevant authorities of the matter to, therefore, investigate this and take appropriate action," said a spokesperson of Airtel.