In an alarming discovery, it appears that a significant data breach has occurred at Indian ISP, Netplus. Reportedly, data pertaining to as many as 1.2 million users have surfaced on various forums and social media channels and is currently being offered for sale. Netplus, a company with a revenue of $13.8 million, now faces a grave cybersecurity challenge.
About the Incident
While the exact date of the breach remains unclear, our sources indicate that the data was first put up for sale on July 2, 2023. The sale purportedly includes not only users’ data but also details about a vulnerability in the Netplus system.
A sample of the exposed data was scrutinized by our security researchers. Sample file contained personal details of 380 individuals, including names, phone numbers, billing IDs, along with the respective dates and amounts. Such sensitive information being available publicly poses substantial risks for the affected individuals.
It’s unsettling to realize that this extensive cache of personal data is listed for sale at $800, with the note that negotiations are open for ‘serious buyers.’ The promotion of such activities, involving the illegal trade of private information, raises severe ethical and security questions.
Given the severity of this breach, Netplus customers should act swiftly. It’s highly recommended to change your passwords, scrutinize your accounts for abnormal activities, and implement multi-factor authentication to bolster security.
A Dark History Repeats
In a concerning recurrence, this isn’t the first time Netplus, a flourishing ISP in Punjab and subsidiary of Fastway Transmission Pvt Ltd, has been targeted by cybercriminals. The infamous hacking group or individual, Shadowhacker, notorious for its cyber attacks on Indian hospitals and various corporate and government entities worldwide, has previously breached Netplus’s defenses. In a chilling claim made in an underground hacker’s forum, they professed to have gained unauthorized access to Netplus’s customer database, allegedly selling the stolen data for $200. The illicit data, amounting to 150K records, reportedly contained sensitive user information, including names, email addresses, cities, and account statuses. The repeated breach underscores the persistent cybersecurity challenges Netplus faces, reminding us of the imperative need for robust, continuous security enhancements in our digital era.
Awaiting Official Response
We’re yet to receive an official statement from Netplus about this incident. The manner in which they handle this crisis will critically shape the trust and confidence of their customers moving forward.
This incident underscores the omnipresent cyber threats that lurk within our digitized world. As we dig deeper into this issue, we’ll keep our readers abreast of any developments. This situation once again reiterates the significance of maintaining robust cybersecurity practices.