The recent data leak of at least 26 lakh Airtel users from Jammu and Kashmir was the handiwork of Pakistan-based hackers, who created new accounts to put the data on a public forum and sell it for $3500 in Bitcoin, a security expert said on Thursday.
The hackers, who go by the name of ‘TeamLeets’ and are possibly operating from Pakistan, initially dumped the data on a link and even threatened to leak more Airtel data via a new Twitter handle that goes by the name of ‘Red Rabbit Teams’.
The new Twitter account, however, has been restricted by the microblogging site for “unusual activity”.
TeamLeets then created another Twitter handle that goes by the name of ‘PANAMA-iii (Scandal and Mega Database)’, which tweeted fresh links to another subset of data from the original sample of 26 lakh J&K users, which may belong to people from the Indian Army. This account was also deleted later.
“TeamLeets, which is a Pakistan-based hacking group, is behind the Airtel data leak,” independent cyber security researcher Rajshekhar Rajaharia told IANS when contacted.
“They first dumped the data on a domain in December last year, which was removed. TeamLeets then created a couple of Twitter accounts to further push its agenda. It is possible that Red Rabbit Teams and TeamLeets are two sides of the same coin or are working together,” Rajaharia added.
The Pakistan-based hackers had access to the data and wanted to sell it but could not succeed. Hence, they dumped the data on the internet.
The hackers had dumped the data on a public forum, and not on the Dark Web.
In an earlier statement, Airtel had said that in this specific case, “we confirm that there is no data breach at our end”.
“In fact, the claims made by this group reveal glaring inaccuracies and a large proportion of the data records do not even belong to Airtel. We have already apprised the relevant authorities about the matter,” Airtel had said.
–IANS